Our experience in advising clients about GDPR and assisting them in the compliance process is that there are often misconceptions about the so-called “right to be forgotten”. The purpose of this post is to address some of these misconceptions.
The GDPR replaced the EU’s 1995 Directive which provided in Article 12(b) that “Member States must guarantee every data subject the right to obtain from the controller: (…),… More
It’s probably not going to change anything, but the Democratic National Committee has sued Russia (and members of the Russian establishment), members of the Trump campaign, and Wikileaks regard the 2016 election security breaches. The DNC’s complaint includes almost every claim imaginable in response to a hacking incident. If nothing else, it’s a good model for lawyers to crib from. More
What the recent Amazon decision tells us
On 28 July 2016, the European Court of Justice rendered a decision in a dispute between an Austrian Consumer Protection organization known as VKI (Verein für Konsumenteninformation) and Amazon EU Sàrl, a subsidiary of Amazon registered in Luxembourg. The main issue in this case is whether Amazon General Conditions were enforceable under Consumer Law; however; one of the questions referred to the European Court was about the territorial scope (Article 4) of the 95/46/EC Directive on Data Protection.… More
Key takeaways:
The Details:
Following the invalidation of the US-EU Safe Harbor by the European Court of Justice in the Schrems case,… More
As we have noted previously, in the wake of the ECJ’s decision that undid the US-EU Safe Harbor, we were told that there would be no enforcement of the EU Directive until after January 31, to allow the US and EU to hammer out a new regime. However, Isabelle Falque-Perrotin, the chair of the EU’s Article 29 Working Party, has stated that the next meeting of the Working Party will take place on February 2. … More
On 15 December 2015, the three main European institutions, the Commission, the Parliament and the Council, agreed on the final text of the General Data Protection Regulation (GDPR) which has been on the table since January 2012. This is a major achievement, given the number of obstacles that still needed to be overcome a few weeks ago in order to meet the end of 2015 deadline for finalizing the GDPR. … More
Hosted by Foley Hoag LLP and UK Trade & Investment, The British Consulate General in Boston
On October 6, 2015, the European Court of Justice issued a landmark decision invalidating the US-EU Safe Harbor system. In practice, this means that US organizations can no longer rely on the Safe Harbor system to permit the transfer of personal data from the European Union to the US consistent with Directive 95/46/EC.… More
On 13 May 2014 the Court of Justice of the European Union (CJEU) issued a judgment which Google called a “landmark ruling” (Google v. Costeja Gonzalez case, C-131/12). The court held, based on the 95/46 Directive on protection of personal data that “the operator of a search engine is obliged to remove from the list of results displayed following a search made on the basis of a person’s name links to web pages,… More
At the end of what was an interesting, but rather ordinary interview in the Wall Street Journal, FTC Chair Jon Leibowitz dropped this interesting nugget:
MS. ANGWIN: The EU has a very different approach to privacy, and there has been concern about whether we’re going to move in that direction. What’s your view?
MR. LEIBOWITZ: My sense is you might see Europe moving a little bit more to our approach of allowing some advertising and allowing some collection of data.… More
Gant Redmon of Co3 Systems has an interesting take on the differences in U.S. and EU privacy regimes in a Security Week column entitled, “Privacy: Why Europeans Think You’re Inadequate.” In his column, he addresses three key issues: “First, what does privacy mean to folks in the US versus the EU? Second, how has history played a role in defining privacy in the US and EU? … More