Category Archives: GDPR

GDPR Creates Rugby Scrum

In a recent trip to Ireland, I was surprised to see two subjects that Ireland is known for — GDPR and rugby — coming into conflict.   As reported in the Sunday Business Post, World Rugby was lobbying the Irish government to create new data protection laws to address the interaction of anti-doping testing and the laws regarding transfer of data among and between different countries.  … More

Senator Warner’s White Paper Gives Congress Options for Regulating Social Media and Technology Companies

Senator Mark Warner of Virginia has released a white paper outlining policy proposals for regulating social media and technology companies. The paper has gained significance in recent weeks as pressure builds on Congress to pass federal data privacy legislation. In the wake of Europe’s GDPR and California’s Consumer Privacy Act, industry groups, tech companies, and privacy activists alike have urged Congress to act.… More

Three Things Not to be Forgotten about the GDPR’s “Right to be Forgotten”

Our experience in advising clients about GDPR and assisting them in the compliance process is that there are often misconceptions about the so-called “right to be forgotten”. The purpose of this post is to address some of these misconceptions.

  • The “right to be forgotten” was not created by the GDPR

The GDPR replaced the EU’s 1995 Directive which provided in Article 12(b) that “Member States must guarantee every data subject the right to obtain from the controller: (…),… More

Whither the Privacy Shield?

The EU-US Privacy Shield, a framework that allows companies to transfer personal data from the EU to the US in compliance with the GDPR, has been under fire for not providing adequate protection to EU citizens.  As Foley noted in 2017, the EU’s Article 29 Working Party (now the European Data Protection Board) identified “a number of significant concerns” with the Privacy Shield in the Working Party’s First Annual Joint Review,… More

June 14 – GDPR Panel at Foley Hoag’s Export Regulatory Compliance Update Conference

Foley Hoag, along with the Massachusetts Export Center, is hosting an Export Regulatory Compliance Update Conference on Thursday, June 14.  Among the panels will be one on “Navigating the GDPR & Cybersecurity Regulatory Environment.”  Here’s a description of the Panel:

On May 25, 2018, the General Data Protection Regulation (“the GDPR”) went into effect in all Member States of the European Union. However, the GDPR has a broad scope: it applies to organizations established outside the EU that offer goods or services to individuals in the EU and/or monitor the behavior of data subjects within the EU.… More