In a recent trip to Ireland, I was surprised to see two subjects that Ireland is known for — GDPR and rugby — coming into conflict. As reported in the Sunday Business Post, World Rugby was lobbying the Irish government to create new data protection laws to address the interaction of anti-doping testing and the laws regarding transfer of data among and between different countries. … More
Tag Archives: EU
Our experience in advising clients about GDPR and assisting them in the compliance process is that there are often misconceptions about the so-called “right to be forgotten”. The purpose of this post is to address some of these misconceptions.
- The “right to be forgotten” was not created by the GDPR
I am attending BIO 2018 in Boston, just steps from our Boston office. Naturally, I was drawn to yesterday’s session on “Life Sciences Cyber Exposures and Risk Mitigation Considerations.” But I came away disappointed. First of all, the session was held in a small room and even then, it was only one-third full (maybe 30 people of the 16,000 attending BIO 2018 chose to attend).… More
Max Schrems is the Austrian privacy lawyer who had complained about the transfer of his data to the United States by Facebook: he argued that, in light of the Snowden revelations,… More
Recently, Austrian privacy activist Maximilian Schrems won a partial victory in his continuing battles with Facebook. We discuss that case below. But first, we review his prior tilts with Facebook.
Schrems in Ireland’s Courts
When Schrems was a college student, he heard a Facebook representative at a conference talk about European privacy rules with a lack of consideration that shocked him. Since then, Schrems has been fighting Facebook on many fronts.… More
With enforcement set to begin in May 2018, organizations around the world must be ready to comply with the European Union’s General Data Protection Regulation (GDPR). Partner Colin Zick discusses 10 things you need to know now with Enterprise.nxt.
Privacy Shield: Article 29 Working Party Calls Upon the European Commission and US Authorities to Restart Discussions
On November 28, 2017, the EU’s Article 29 Working Party issued its report on the First Annual Joint Review of the EU-US Privacy Shield, which was conducted on September 18-19, 2017.
Since the adoption of the Regulation on 27 April 2016, the Article 29 Working Party (with representatives of the Supervisory Authorities of all Member States) has issued 3 sets of guidance on “Data portability”,… More
A 152 page judgment was rendered today by the Irish High Court in Schrems II: DPC v Facebook.
Not surprisingly, the court decided to refer the case to the Court of Justice of the European Union to make a decision about the validity of the three decisions issued by the Commission for the Standard Contractual Clauses.
Ms. Justice Caroline Costello referred these issues because she concurred with the Irish Data Protection Commissioner’s view there are “well founded”… More
The current challenge to Facebook’s privacy practices in Ireland (“Schrems II”) may be coming to a head. You will recall that in Schrems I, the challenge to Facebook’s privacy practices led to a decision issued by the European Court of Justice that invalidated the US-EU Safe Harbor. Following the invalidation of the Safe Harbor, Facebook switched to the Commission’s Standard Contractual Clauses (SCC) and the Schrems complaint was reformulated to challenge the SCC.… More