The result of one of Europe’s most anxiously awaited data protection cases came out last week. We have previously reported on the action brought by Max Schrems in Austria against Facebook. Our previous alert with background on the case is here. What happened? On July 1, 2015, the Vienna Regional Court (Landesgericht) rejected the Schrems […]
On July 1, 2015, the Vienna Regional Court (Landesgericht) rejected a class action (Datenschutz Sammelklage) complaint brought by Max Schrems, an Austrian data protection activist, against Facebook Inc. for lack of jurisdiction The court (Landesgericht) found in first instance that it is not entitled to decide on the class action claiming that Facebook breached EU […]
In May 2015, New York Stock Exchange NYSE Governance Services surveyed nearly 200 directors of public companies representing a variety of industries—including financial services, technology, and health care—to discover how they view cybersecurity in the boardroom. The goal of the survey goal was to gain insight into how cybersecurity is being understood, prioritized, and addressed at the […]
On June 2, 2015, Congress passed the USA Freedom Act, which the same day was signed into law by President Obama. The USA Freedom Act reforms the authorities of the Federal Government to require the production of certain business records, conduct electronic surveillance, use pen registers and trap and trace devices, and use other forms […]
On June 1, 2015, the District Court of Nevada dismissed without prejudice for lack of standing a putative class action brought by data subjects whose personal information were stolen against Zappos. Zappos was targ eted by hackers and the personal identifying information of approximately 24 million of its customers were stolen. Shortly thereafter, a number […]
On October 20, 2014, the District Court of New Jersey dismissed a shareholder’s derivative action against the officers of a Delaware company alleging breach of fiduciary duty in connection with three data breaches. The decision offers interesting inputs for companies’ officials with regard to potential data breaches’ risks and liabilities. This case involves a shareholder […]
On October 2014 the French Data Protection Authority (the CNIL) conducted an online audits to ascertain companies’ compliance with French cookie rules. As a result of that audit activity on June 30, 2015 the CNIL issued a press release stating that it has sent a “lettre de mise en demeure“ (formal letter of enforcement) to approximately 20 companies requesting […]
On June 18, 2015, the Article 29 Working Party (WP29) released a press statement to share the results of a survey launched to evaluate the EU practice regarding de-listing requests. A little more than one year ago the European Court of Justice (“ECJ) issued its famous”right-to-be-forgotten”decision in the Costeja case, C-131/12, holding that data subjects have […]
On June 19, 2015, the Article 29 Working Party (WP29) released a press statement to share its views on the text of the Data Protection Regulation Proposal. WP29 stressed that the new legislation should: not lower the current level of protection provided in the Directive 95/46; be clear, simple and easy to understand; and allow […]
On June 12, 2015 the French Data protection Authority CNIL (Commission Nationale de l’Information et des Liberté) has ordered Google to process requests to be forgotten on all extension of its websites, not only “fr”. The CNIL has specified that this formal notice is not a sanction but that Google must comply within the fifteen days or […]