News

On February 29, 2016, the European Commission issued the legal texts to implement the EU-US Privacy Shield and a communication relevant to that. The Commission also released a draft “adequacy decision”. Once adopted, the adequacy decision establishes that “the safeguards provided when data are transferred under the new EU-U.S. Privacy Shield are equivalent to data protection standards […]

On February 24, 2016, President Barack Obama signed the Judicial Redress Act into law, so granting the citizens of certain allied countries the same protection of US citizens under the Privacy Act. The full title of the Bill is: “To extend Privacy Act remedies to citizens of certified states, and for other purposes.” The President […]

Francesca Giannoni-Crystal & Allyson Haynes Stuart have just published in the Information law Journal an article dealing with privacy and data protection in the IoT. The article deals with recent developments in the IoT sector, highlights the difficulty of giving a definition of the IoT, and discuss the most important authorities (on the two side of the Atlantic) […]

The German Government approved the draft law to improve enforcement of certain data protection law provisions that aim to strengthen consumers’ protection. The law was published on February 17, 2016 and entered into force on February 24, 2016. In particular, the law empowers consumers and business associations to commence actions against (and issue warnings to) companies who […]

On February 23, 2016, the European American Chamber of Commerce (EACC) hosted an interesting EU-US Privacy Roundtable with Privacy Activist Max Schrems, founder of the group Europe v. Facebook. The panel started by providing a brief overview of the developments in data privacy laws. It also explained the judiciary path that brought to the judgment […]

On January 22, 2016, the U.S. Food and Drug Administration (“FDA”) released draft guidance entitled “Postmarket Management of Cybersecurity in Medical Devices”. The document outlines recommendations to medical device manufacturers for managing postmarket cybersecurity vulnerabilities for marketed medical devices. The draft guidance applies to: 1) medical devices that contain software (including firmware) or programmable logic, […]

On February 9, 2016, President Obama President issued an executive order establishing the “Federal Privacy Council”, an interagency support structure consisting of senior privacy officials from each cabinet agency. The Privacy Council was established – according to the President – to protect privacy in order to maintain trust in the public institutions, considering the large amounts of […]

Three defendants (John Ayers, Leaplab and Leads Company) settled with the Federal Trade Commission the charges that they knowingly provided marketers/scammers with consumers’ sensitive personal information. The FTC pressed charges alleging that the defendants, after collecting from consumers hundreds of thousands of loan applications through payday loan websites (the application included names, address, phone number, […]

On February 16, 2016, Article 29 Working Party (WP29) issued an update on Opinion 8/2010 on applicable law. The update provides explanations concerning the applicable law in light of the Court of Justice of the European Union (CJEU) judgement’s in Google Spain (or Costeja case, C-131/12). The ruling of May 13, 2015 held that EU data subjects have a right […]

On February 2, 2016, Article 29 Working Party (WP29) released a statement containing “the 2016 action plan for the implementation of the General Data Protection Regulation (GDPR)” that will guide the implementation of the General Data Protection Regulation (GDPR). The document particularly offers guidance on the transition toward the European Data Protection Board (EDPB). In the GDPR, DPAs […]