On July 20, 2016, the French data protection agency (CNIL) sent Microsoft a formal notice about alleged excesses in personal data collection and user tracking by Windows 10 operating system. Considering the seriousness of the deficiencies and the number of people affected (more than ten million users of Windows 10 in France), the CNIL sent […]
On June 29, 2016, the Belgian Court of Appeal overturned the Brussels Court of First Instance’s decision against Facebook. The Brussels Court of First Instance had found Facebook liable for violation of Belgian privacy law for using cookies to track users who did not consent to the processing of their personal data and non users. Facebook was fined […]
On July 27, 2016, the Government of Canada released a Cloud Adoption Strategy for public comments. Canada will leverage a new IT service-delivery model, aiming at maintaining good IT services in a time of growing demand for online services and a timely access to accurate information. The document focuses on: the Right Cloud adoption strategy. The document approaches […]
APEC Cross Border Privacy Rules (CBPR) system (2011) is a “voluntary accountability-based system to facilitate privacy-respecting data flows among APEC economies”. As of August 2016 there are four participating APEC CBPR system economies: USA, Mexico, Japan and Canada. It has four main components: recognition criteria for organisations wishing to become an APEC CBPR system a questionnaire […]
On July 19, 2016, the consultation on the EU Data Protection Regulation (GDPR) launched by the French data protection agency “CNIL” closed. The consultation concerned four main topics: Data Protection Officers, data portability, Privacy Impact Assessment, and certification. The contributions collected are available here. For more information, Francesca Giannoni-Crystal Follow us on& Like us on […]
On June 13, 2016, Schrem’s website “Europe v Facebook”(website collecting information regarding class actions against Facebook) released a press update according to which the United States government asked the Irish High Court to join as amicus curiae in the case between Max Schrems and Facebook. “The US government likely wants to defend its surveillance laws before the European […]
On July 22, 2016, the European Data Protection Supervisor (EDPS) released Opinion 5/2016 on the review of the ePrivacy Directive (2002/58/EC). This Opinion focuses on the issues specifically requested by the EU Commission. Particularly, the EDPS suggested that “a new proposal on ePrivacy should guarantee confidentiality of communications, offer clarity and complement the General Data […]
On July 26, 2016, the Article 29 Working Party (WP29) released a statement on the decision of the European Commission on the EU-U.S. Privacy Shield. The statement refers to the Privacy Shield approved by the European Commission on July 12, 2016 (see here) and addresses the changes brought to the text of the document after […]
On July 1, 2016, the Bermuda House of Assembly passed the Personal Information Protection Bill (PIPA). PIPA is a “milestone in the history of human rights in Bermuda”. The Bill provides Bermuda residents with the right to have their personal information protected. It applies to all organizations, businesses and the government that process personal information, both […]
On July 12, 2016, the European Commission officially approved the Privacy Shield, issuing the decision of adequacy (“Decision”). The Privacy Shield is supposed to provide a safe mechanism to transfer personal data from the EU to the US for those organizations that comply with the framework. Compared to the Safe Harbor (which the Privacy Shield […]