Tag Archives: EU

Blogging from BIO 2018: Does the Life Science Industry “Get” Cyber Security?

I am attending BIO 2018 in Boston, just steps from our Boston office. Naturally, I was drawn to yesterday’s session on “Life Sciences Cyber Exposures and Risk Mitigation Considerations.” But I came away disappointed. First of all, the session was held in a small room and even then, it was only one-third full (maybe 30 people of the 16,000 attending BIO 2018 chose to attend).… More

Schrems’ Privacy Organization Files First Complaints Based on GDPR

On Friday, May 25, the day when GDPR became effective, noyb.eu (None of Your Business), the non-profit privacy organization recently set up by Max Schrems, filed the first complaints based on GDPR.

Max Schrems is the Austrian privacy lawyer who had complained about the transfer of his data to the United States by Facebook:  he argued that, in light of the Snowden revelations,… More

Schrems v. Facebook: The Show Must Go On In Vienna, But Now As A One-Man Show

Recently, Austrian privacy activist Maximilian Schrems won a partial victory in his continuing battles with Facebook. We discuss that case below. But first, we review his prior tilts with Facebook.

Schrems in Ireland’s Courts

When Schrems was a college student, he heard a Facebook representative at a conference talk about European privacy rules with a lack of consideration that shocked him. Since then, Schrems has been fighting Facebook on many fronts.… More

Privacy Shield: Article 29 Working Party Calls Upon the European Commission and US Authorities to Restart Discussions

‎On November 28, 2017, the EU’s Article 29 Working Party issued its report on the First Annual Joint Review of the EU-US Privacy Shield, which was conducted on September 18-19, 2017.

In this 38 page report, the WP analyzed the Privacy Shield’s commercial and government aspects (as it did in its earlier opinion, issued in April 2016 when the Privacy Shield was still a draft;… More

Schrems II Judgment Rendered

A 152 page judgment was rendered today by the Irish High Court in Schrems II:  DPC v Facebook.

Not surprisingly, the court decided to refer the case to the Court of Justice of the European Union to make a decision about the validity of the three decisions ‎issued by the Commission for the Standard Contractual Clauses.

Ms. Justice Caroline Costello referred these issues because she concurred with the Irish Data Protection Commissioner’s view there are “well founded”… More

EU Updates on Schrems II and the Privacy Shield

The current challenge to Facebook’s privacy practices in Ireland (“Schrems II”) may be coming to a head.  You will recall that in Schrems I, the challenge to Facebook’s privacy practices led to a decision issued by the European Court of Justice that invalidated the US-EU Safe Harbor.  Following the invalidation of the Safe Harbor, Facebook switched to the Commission’s Standard Contractual Clauses (SCC) and the Schrems complaint was reformulated to challenge the SCC.… More

How Can Yahoo E-Mail Scanning Impact the EU-U.S. Privacy Shield?

Reuters reported earlier this month that, according to three former employees, Yahoo Inc. had “complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo mail accounts at the behest of the NSA or FBI.” Yahoo responded that the article was misleading, but did not deny the scanning had occurred.

The New York Times reported further details about this scanning:  Yahoo had modified a system intended to scan emails for child pornography and spam in order to satisfy a secret court order requiring it to search for messages containing a computer “signature” tied to the communications of a state-sponsored terrorist organization.… More