What Does Brexit Mean for Data Protection?
With less than a month to go until the UK is due to leave the EU (at 11pm GMT/12pm CET on 29 March 2019), there is still much uncertainty as to whether, and if so how, the UK will exit the EU (commonly...
View ArticleFrench DPA Issues Robust Model Regulation for Biometric Access Controls in...
In late March, the French Data Protection Authority, Commission Nationale de l’Informatique et des Libertés (“CNIL”) released a model regulation (the “Model Regulation”) governing the use of biometric...
View ArticleICO Issues First Intentions to Fine Under the GDPR
GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect. The...
View ArticleFrench DPA Issues Guidance Surrounding Practice of Web Scraping
On April 30, 2020, the French data protection authority, the CNIL, published a guidance surrounding considerations behind what it calls “commercial prospecting,” meaning scraping publicly available...
View ArticleOne Cross-Border Mechanism Invalid, Another Upheld: Thoughts after the CJEU’s...
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield, ruling, among other things,...
View ArticlePreparing for the Final Version of the New EU Standard Contractual Clauses...
It has been reported that European Commission will publish the final versions of new forms of Standard Contractual Clauses (“SCCs”) shortly (even potentially within the next few days). The Commission...
View ArticleUK Supreme Court Landmark Decision Limits Data Privacy Class Actions in the UK
The UK Supreme Court handed down its much-anticipated decision in the Lloyd v Google LLC [2021] UKSC 50 case on 10 November 2021 restricting claimants’ ability to bring data privacy class actions in...
View ArticleGrowing Risks to Corporate Groups and the Global PE Industry from Robust...
Since the EU General Data Protection Regulation (“GDPR”) came into effect in May 2018 there have been numerous high-profile enforcement actions (~US$880m is the largest GDPR fine to-date) and private...
View ArticleEU-U.S. and UK-U.S. Data Transfer Deals Advance with White House Executive Order
A new legal mechanism to allow for transfers of personal data between the EU and the U.S. is now advancing after an October 7th, 2022 Executive Order was issued by U.S. President Biden (the “Executive...
View ArticleTravelling outside the EU: French Data Protection Authority Publishes a...
Amid fresh fears about data protection, on November 14th, France’s data protection authority, the Commission Nationale de l’Informatique et des Libertes (CNIL) published a checklist of recommended...
View Article