Article 37(5) General Data Protection Regulation (GDPR) does not list with particularity the professional skills that should be considered when designating the Data Protection Officer (“DPO”). It provides: The data protection officer shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability […]
On February 3, 2017, the Pennsylvania US District Court granted the Government’s motions to compel Google to comply with search warrants, holding that this was not an extraterritorial application of the stored Communications Act 18 U.S.C. (“SCA“). The District Court had issued two search warrants, pursuant to section 2703 of the SCA §§ 2701 et seq., […]
Tags: DATA PROTECTION
Inside its newly created website section on GDPR, the Agencia Española de Protección de Datos (AEPD) has recently published three guidelines to assist organizations to comply with the new Regulation: The Guidelines for the data controllers (useful check list is included). Available (in Spanish) here. The Guidelines for entering into agreements between controllers and processors. […]
Starting on February 7, 2017, the Irish High Court will hear a case brought by the Irish Data Protection Authority (DPA) against Facebook Ireland Ltd and Mr Schrems over EU-US data transfers after the Snowden disclosures. After the ECJ invalidated the “Safe Harbor” decision, Facebook performed its data transfer to the US using the “Model Clauses”. Mr. Schrems […]
European Court of Justice — Case C‑13/16 On January 26, 2017, the Advocate General (AG) to the Court of Justice of the European Union (CJEU) Mr. Bobek opined that there is no legal obligation for a data controller under EU data protection law to disclose data enabling the identification of a person allegedly responsible for an administrative offence. In […]
The European Union Agency for Network and Information Security (ENISA) released an interesting report “to raise awareness for the most impactful market advances, by shortly identifying the most significant cyber insurance developments for the past four years – during 2012 to 2016 – and to capture the good practices and challenges during the early stages […]
Tags: CYBERINSURANCE
On November 10, 2016, the Eleventh U.S. Circuit Court of Appeals held that merely exposing sensitive data is not reasonably likely to harm consumers. LabMD operated as a clinical laboratory and as part of its business, receives patients’ sensitive personal information, which included their names, birthdates, addresses, and Social Security numbers. LabMD’s billing manager allegedly […]
On Tuesday, January 31, 2017, a lively panel discussed The Shifting Paradigm of Data Security: Intelligence & Big Data. The German Center for Research and Innovation and the European American Chamber of Commerce organized the event. The panel included Joanna Burkey, Chief Information Security Officer, at Siemens, Joseph V. DeMarco, Partner at DeVore & DeMarco […]
In Formal Opinion 2016-196, the California State Bar Ethics Committee dealt with the question of when a blog by a lawyer is subject to the ethics rules on advertising. If a blog is integrated into a lawyer’s website, it will be treated as advertising. A separate blog or blog post may or may not be […]
The Advocate General (AG) of the Court of Justice of the European Union (ECJ) opined on the right to be forgotten in companies’ registers: no right to be forgotten there. In case C-393/15, the Corte di Cassazione (the Italian Supreme Court) asked the ECJ to clarify the right of individuals to be forgotten, to have their […]