DATA PROTECTION Archives – Page 31 of 85

Francesca Giannoni-Crystal and Allyson Haynes Stuart, EU data protection and cybersecurity law as applied to the IoT – some thoughts about why it is inadequate

Date 03/01/2016.

Internet-of-Things (IoT) (or internet-of-everything as it is often interchangeably called-) is a buzzword and it is all over. At present, the news is more technological than legal. Nonetheless, the IoT triggers some worrisome legal issues, among which data collection, data security, and invasion of privacy are among the most compelling. Actually, these issues are imposing because […]

Class actions for privacy violations becomes a reality in Germany

Date 02/24/2016.

The German Government approved the draft law to improve enforcement of certain data protection law provisions that aim to strengthen consumers’ protection. The law was published on February 17, 2016 and entered into force on February 24, 2016. In particular, the law empowers consumers and business associations to commence actions against (and issue warnings to) companies who […]

EU-US Privacy Roundtable with Privacy Activist Max Schrems in New York

Date 02/24/2016.

On February 23, 2016, the European American Chamber of Commerce (EACC) hosted an interesting EU-US Privacy Roundtable with Privacy Activist Max Schrems, founder of the group Europe v. Facebook. The panel started by providing a brief overview of the developments in data privacy laws. It also explained the judiciary path that brought to the judgment […]

FDA issues draft guidance “Postmarket Management of Cybersecurity in Medical Devices”

Date 02/22/2016.

On January 22, 2016, the U.S. Food and Drug Administration (“FDA”) released draft guidance entitled “Postmarket Management of Cybersecurity in Medical Devices”. The document outlines recommendations to medical device manufacturers for managing postmarket cybersecurity vulnerabilities for marketed medical devices. The draft guidance applies to: 1) medical devices that contain software (including firmware) or programmable logic, […]

Obama establishes Federal Privacy Council

Date 02/19/2016.

On February 9, 2016, President Obama President issued an executive order establishing the “Federal Privacy Council”, an interagency support structure consisting of senior privacy officials from each cabinet agency. The Privacy Council was established – according to the President – to protect privacy in order to maintain trust in the public institutions, considering the large amounts of […]

FTC settles with data brokers for selling sensitive personal information to marketers/scammers

Date 02/18/2016.

Three defendants (John Ayers, Leaplab and Leads Company) settled with the Federal Trade Commission the charges that they knowingly provided marketers/scammers with consumers’ sensitive personal information. The FTC pressed charges alleging that the defendants, after collecting from consumers hundreds of thousands of loan applications through payday loan websites (the application included names, address, phone number, […]

WP29 issues new opinion on law applicable in light of the CJEU judgement in Google Spain

Date 02/18/2016.

On February 16, 2016, Article 29 Working Party (WP29) issued an update on Opinion 8/2010 on applicable law. The update provides explanations concerning the applicable law in light of the Court of Justice of the European Union (CJEU) judgement’s in Google Spain (or Costeja case, C-131/12). The ruling of May 13, 2015 held that EU data subjects have a right […]

WP29’s 2016 action plan for implementing GDPR (transition to European Data Protection Board among the priorities)

Date 02/16/2016.

On February 2, 2016, Article 29 Working Party (WP29) released a statement containing “the 2016 action plan for the implementation of the General Data Protection Regulation (GDPR)” that will guide the implementation of the General Data Protection Regulation (GDPR). The document particularly offers guidance on the transition toward the European Data Protection Board (EDPB). In the GDPR, DPAs […]

French DPA starts post Safe Harbor privacy enforcement

Date 02/10/2016.

On February 8, 2016, the French Data Protection Authority (CNIL) issued a formal notice to Facebook to comply within three months with the French Data Protection Act. According to CNIL, among other violations, Facebook is breaching French Data Protection Laws by transferring “personal data to the United States on the basis of Safe Harbour, although the […]

WP29 welcomes EU-US “Privacy Shield” agreement but – while waiting to receive relevant documents – reserves judgment on whether it meets ECJ’s requirements

Date 02/05/2016.

On February 3, 2016, Article 29 Working Party (WP29) met to discuss the consequences of the European Court of Justice’s ruling of October 6, 2015, which declared the old Safe Harbor framework invalid (see here for more information). WP29 welcomed the recent EU-U.S. announcement that the “Privacy Shield” will substitute the old “Safe Harbour” (see here). However, it […]

DATA PROTECTION

Training