Many companies share personal information they gather directly from individuals with “business partners” who use the information for their own direct marketing purposes. It is the case, for example, of companies that provide services on the internet free of charge but gather and sell the data related to their users to business partners. As the Washington Post recently learned, companies with this business model may find it challenging to comply with the European requirements,… More
Category Archives: GDPR
Editors’ Note: This is the second in our third annual end-of-year series examining important trends in data privacy and cybersecurity during the coming year. Our previous entry was on energy and security. Up next: trends in state data privacy enforcement.
Since the General Data Protection Regulation (GDPR) came into effect in May 2018, one of the most common questions for practitioners is what the GDPR means for children. … More
In a recent trip to Ireland, I was surprised to see two subjects that Ireland is known for — GDPR and rugby — coming into conflict. As reported in the Sunday Business Post, World Rugby was lobbying the Irish government to create new data protection laws to address the interaction of anti-doping testing and the laws regarding transfer of data among and between different countries. … More
Senator Warner’s White Paper Gives Congress Options for Regulating Social Media and Technology Companies
Senator Mark Warner of Virginia has released a white paper outlining policy proposals for regulating social media and technology companies. The paper has gained significance in recent weeks as pressure builds on Congress to pass federal data privacy legislation. In the wake of Europe’s GDPR and California’s Consumer Privacy Act, industry groups, tech companies, and privacy activists alike have urged Congress to act.… More
Our experience in advising clients about GDPR and assisting them in the compliance process is that there are often misconceptions about the so-called “right to be forgotten”. The purpose of this post is to address some of these misconceptions.
- The “right to be forgotten” was not created by the GDPR
Partner Colin Zick will join Naomi Leach, Senior Associate, Data Protection at Stephenson Harwood, and Lana Gladstein, Vice President and General Counsel at Brammer Bio, for a MassBio program on July 31 entitled The Era of GDPR Data Privacy, Two Months In: Do you have a Data Transfer Agreement handy?
The GDPR Data Privacy Law has been in effect since May 25,… More
The EU-US Privacy Shield, a framework that allows companies to transfer personal data from the EU to the US in compliance with the GDPR, has been under fire for not providing adequate protection to EU citizens. As Foley noted in 2017, the EU’s Article 29 Working Party (now the European Data Protection Board) identified “a number of significant concerns” with the Privacy Shield in the Working Party’s First Annual Joint Review,… More
Foley Hoag, along with the Massachusetts Export Center, is hosting an Export Regulatory Compliance Update Conference on Thursday, June 14. Among the panels will be one on “Navigating the GDPR & Cybersecurity Regulatory Environment.” Here’s a description of the Panel:
On May 25, 2018, the General Data Protection Regulation (“the GDPR”) went into effect in all Member States of the European Union. However, the GDPR has a broad scope: it applies to organizations established outside the EU that offer goods or services to individuals in the EU and/or monitor the behavior of data subjects within the EU.… More
Cross-posted from our sister blog, Trademark and Copyright Law.
By now, our readers are likely familiar with the General Data Protection Regulation (“GDPR”), the sweeping, European Union-wide legal and regulatory regime that provides enhanced protections for personal data. The GDPR, which goes in effect on May 25, 2018, is expected to reshape the digital data landscape in the EU and beyond. … More