I am attending BIO 2018 in Boston, just steps from our Boston office. Naturally, I was drawn to yesterday’s session on “Life Sciences Cyber Exposures and Risk Mitigation Considerations.” But I came away disappointed. First of all, the session was held in a small room and even then, it was only one-third full (maybe 30 people of the 16,000 attending BIO 2018 chose to attend).… More
Tag Archives: EU
Max Schrems is the Austrian privacy lawyer who had complained about the transfer of his data to the United States by Facebook: he argued that, in light of the Snowden revelations,… More
Recently, Austrian privacy activist Maximilian Schrems won a partial victory in his continuing battles with Facebook. We discuss that case below. But first, we review his prior tilts with Facebook.
Schrems in Ireland’s Courts
When Schrems was a college student, he heard a Facebook representative at a conference talk about European privacy rules with a lack of consideration that shocked him. Since then, Schrems has been fighting Facebook on many fronts.… More
With enforcement set to begin in May 2018, organizations around the world must be ready to comply with the European Union’s General Data Protection Regulation (GDPR). Partner Colin Zick discusses 10 things you need to know now with Enterprise.nxt.
Privacy Shield: Article 29 Working Party Calls Upon the European Commission and US Authorities to Restart Discussions
On November 28, 2017, the EU’s Article 29 Working Party issued its report on the First Annual Joint Review of the EU-US Privacy Shield, which was conducted on September 18-19, 2017.
Since the adoption of the Regulation on 27 April 2016, the Article 29 Working Party (with representatives of the Supervisory Authorities of all Member States) has issued 3 sets of guidance on “Data portability”,… More
A 152 page judgment was rendered today by the Irish High Court in Schrems II: DPC v Facebook.
Not surprisingly, the court decided to refer the case to the Court of Justice of the European Union to make a decision about the validity of the three decisions issued by the Commission for the Standard Contractual Clauses.
Ms. Justice Caroline Costello referred these issues because she concurred with the Irish Data Protection Commissioner’s view there are “well founded”… More
The current challenge to Facebook’s privacy practices in Ireland (“Schrems II”) may be coming to a head. You will recall that in Schrems I, the challenge to Facebook’s privacy practices led to a decision issued by the European Court of Justice that invalidated the US-EU Safe Harbor. Following the invalidation of the Safe Harbor, Facebook switched to the Commission’s Standard Contractual Clauses (SCC) and the Schrems complaint was reformulated to challenge the SCC.… More
The new (EU) 2016/679 General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. Its scope is broader than that of the current 95/46/CE Directive, which means that more companies headquartered outside of the EU will have to comply with European data protection rules than under the current regime.
The 95/46/CE Directive set up a European body, the Article 29 Working Party,… More
Reuters reported earlier this month that, according to three former employees, Yahoo Inc. had “complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo mail accounts at the behest of the NSA or FBI.” Yahoo responded that the article was misleading, but did not deny the scanning had occurred.
The New York Times reported further details about this scanning: Yahoo had modified a system intended to scan emails for child pornography and spam in order to satisfy a secret court order requiring it to search for messages containing a computer “signature” tied to the communications of a state-sponsored terrorist organization.… More