DLA Piper’s Data Protection and Privacy practice delivers topical legal and regulatory updates and analysis from across the globe.
By Ilias Abassi Since the implementation of the GDPR, there has been much discussion with respect to the appropriate legal basis for the processing of personal data in the context of a clinical trial, in particular how this relates to the Clinical Trials Regulation (CTR) which is expected to enter into force in 2020. There […]
By Denise Lebeau-Marianna and Yaël Hirsch On 12 December 2018, the French Government issued an ordinance[1] finalizing, at the legislative level[2], the alignment of the French Data Protection Law (“FDPL”) with the General Data Protection Regulation[3] (“GDPR”) and the Directive 2016/680[4]. Following-up the adoption of the GDPR, the French Law No. 2018-493 related to personal data protection[5] […]
The Dutch Supervisory Authority (Autoriteit Persoonsgegevens, “AP”) recently communicated a press release stating that it reached out to 30 organizations to request information relating to their data processing agreements (DPAs). Organizations that have been contacted are companies in the media, energy and trade sectors. The AP has requested, among other things, what agreements organizations have […]
After a very long delay and amidst rumors that the Spanish Parliament could be dissolved and early elections called, the Spanish Senate speedily dismissed all the proposals for further changes and approved the new GDPR-compliant Spanish Data Protection Act on Wednesday 21 November 2018. The new Act (“NLOPD“), in addition to regulating many other topics: […]
Due to the complex balances inside the Spanish Parliament, Spain has been unable to put in place to date (July 2018) a new Data Protection Act that develops the EU Regulation 2016/679 (“GDPR”) in the areas where EU Member States are entitled to fill the gaps or add gold-plating requirements on top of those established […]
In the last two weeks the Chinese authorities have been busy providing much-anticipated guidance on the practical steps organisations must take to comply with the new data protection, cybersecurity and technology regulations. In short, the key developments are: Practical implementation guidance under PRC Cybersecurity Law Draft Guidelines on Multi Level Protection Scheme (MLPS) for information […]
Only five days after the GDPR became applicable, the first German court, the Regional Court (Landgericht) Bonn (in a decision dated 29 May 2018, case number 10 O 171/18 – in German only), issued a ruling on the practical application of the GDPR. This probably makes the court’s ruling the first GDPR court decision worldwide, […]
The newly adopted French data protection law is already challenged by Senators who requested a constitutional review the day after the new law’s adoption. This had been announced: at least 60 Senators have referred the new French data protection law to the French Constitutional Council. Despite the accelerated procedure initiated by the Government in December […]
