On 13 April 2018, the High Court, in NT1 & NT2 v Google LLC [2018] EWHC 799 (QB), ruled against Google, in favour of two businessmen advocating for the right to be forgotten. You can find the full judgment here, but in this blog we explore the reasoning behind the Court’s decision. Right to be … Continue Reading
In anticipation of the implementation of the Trade Secrets Directive, the topic of know-how protection has been widely discussed. Dr Anette Gärtner, along with Sabrina Gossler, has written an article which explores the current legal situation in Germany, analyses the relevant provisions of the Directive and explains the immediate next steps for companies operating in … Continue Reading
On 10 April 2018, the Article 29 Working Party (WP29) published revised guidelines on consent under the General Data Protection Regulation (GDPR). Consent is one of the six GDPR bases for the lawful processing of personal data. Technology Law Dispatch looked at the WP29’s draft guidelines on consent earlier this year. This article examines the … Continue Reading
The Article 29 Working Party (WP29) adopted, on 11 April 2018, finalized guidelines on transparency (the Guidelines) under the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR), following its public consultation. Technology Law Dispatch looked at the draft guidance on transparency earlier this year, so this blog focuses on the key issues and what is … Continue Reading
The Article 29 Working Party (WP29) published a consultation on guidelines for the accreditation of certification bodies under the General Data Protection Regulation (GDPR), which closed at the end of March. The consultation guidelines would require a certification body under the GDPR to be accredited by either the competent supervisory authority or the national accreditation … Continue Reading
In November 2017, the House of Commons Committee on Exiting the European Union (the Committee) published impact assessment reports of Brexit on various UK business sectors. The Report on the Technology (ICT) Sector (the Report) is a mix of qualitative and quantitative analysis. For each business sector, the Report includes: (i) a description of the … Continue Reading
Arizona and its Attorney General’s office have emerged as key players in the effort to prioritize data security on the national stage. Since his inauguration in 2015, Arizona Attorney General Mark Brnovich has struck a balance between supporting innovation and protecting Arizonans’ privacy rights. With the support of Governor Doug Ducey, Arizona is taking active … Continue Reading
The Article 29 Working Party (WP29) discussed a number of important issues during its April plenary meeting on 17 April 2018. In its summary press release, the WP29 gave an update on the issues it discussed. Implementation of the General Data Protection Regulation (GDPR) and adopted guidelines WP29 formally adopted guidelines on consent and transparency … Continue Reading
On 23 February 2018, the Article 29 Working Party (WP29) sent a letter to Alban Schmutz, President of Cloud Infrastructure Services Providers in Europe (CISPE), in response to the organisation’s submission of a draft Code of Conduct for Cloud Infrastructure Service Providers. In conducting its review, the aim of WP29 was to ensure that the … Continue Reading
The findings from the recent Higher Regional Court of Düsseldorf decision Mobiles Kommunikationssystem have established a new framework that should be followed when courts are benchmarking standard-essential patents (SEP) licence offers. The court has commented on which requirements are to be placed on the infringement notice, the licence request and the licence offer and how … Continue Reading
On 28 February 2018, Andrus Ansip, the European Commission (Commission) Vice President and commissioner responsible for the Digital Single Market strategy, commented that all companies should be able to monetise user data, in the same way that social media companies do. Mr Ansip’s comments reflect the aims of the General Data Protection Regulation (GDPR) to … Continue Reading
In preparation for the EU’s General Data Protection Regulation (GDPR), which comes into effect May 25, Facebook announced it is launching a range of new privacy tools in an effort to “put people in more control over their privacy.” Interestingly, last week Mark Zuckerberg clarified that he intends to implement Europe’s GDPR across its entire … Continue Reading
The UK government has published its response to a public consultation on the EU Directive on security networks and information systems (NIS Directive) that opened in August last year. The response sets out the UK’s vision for improving the security of the UK’s essential services by implementing the NIS Directive. The NIS Directive The NIS … Continue Reading
Earlier this year the UK Department for Digital, Culture, Media & Sport published its new Digital Charter. This short document outlines a UK rolling programme of work designed to make the UK a friendly environment to start-up and grow digital businesses. It is also designed to make the UK a safe place to be online. … Continue Reading
A recent study conducted by researchers at the University of Piraeus, published in the Institute of Electrical and Electronics Engineers’ Access journal (29 January 2018), has indicated that many popular health apps have significant privacy and cybersecurity failings; many of them do not follow standard practices nor will they comply with the upcoming General Data … Continue Reading
Recently, the European Commission endorsed draft horizontal provisions for cross-border data flows and personal data protection in trade agreements – as personal data is a fundamental right, it is not something which can be the subject of negotiation in EU trade deals. Relatedly, the Article 29 Working Party (A29WP) consultation on the guidelines under Article … Continue Reading
In February, we reported that South Dakota and Alabama were the last two U.S. states without data breach notification laws. Since then, both states have enacted data breach laws. South Dakota governor Dennis Daugaard signed South Dakota Bill No. 62 into law on March 21, making it the 49th state to pass a data breach … Continue Reading
Check out this month’s edition of The Privacy Advisor, a publication of the International Association of Privacy Professionals (IAPP), for Divonne Smoyer and Kimberly Chow’s Q&A with Indiana Attorney General Curtis Hill. AG Hill has prioritized rolling back federal overreach and safeguarding consumers from fraud and scams, along with continuing to take a hard line … Continue Reading
In a published decision, a unanimous panel of the Appellate Division rejected “the notion that plaintiffs – in alleging an invasion of privacy in an office building’s bathroom – could only claim the presence of a hidden recording device by demonstrating their images were actually captured.” Jaime Friedman et al. v. Teodoro Martinez et al., case … Continue Reading
On February 28, 2018, the Federal Trade Commission (FTC) released a report about security update practices for businesses providing mobile phones and other connected devices. The report recommends that manufacturers and carriers provide security updates that are consistent with consumer expectations, provide better information regarding their security practices and educate consumers on their role in … Continue Reading
On 6 February 2018, the Article 29 Working Party (WP29) adopted revised guidelines on binding corporate rules (BCRs). These were issued following a period of public consultation that concluded on 17 January 2018. Technology Law Dispatch previously covered the issuing of the draft guidelines last December, in a blog setting out the key elements of … Continue Reading
During an Article 29 Working Party (WP29) press conference on 7 February 2018, the outgoing chair and French privacy chief, Isabelle Falque-Pierrotin, expressed concerns that EU data protection authorities (DPAs) may not be able to enforce the General Data Protection Regulation (GDPR) effectively and in a unified manner in accordance with the consistency mechanism, by … Continue Reading
The Winter 2018 edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released. We cover new case law on marketing consent, cookie consent, the liability of platform providers, employee data protection, sales of address data and the right to be forgotten. The newsletter also includes multiple recommended reads … Continue Reading
The Regional Court of Berlin held in a judgment of 16 January 2018 (docket no. 16 O 341/15, German language version of the judgment available here) that Facebook’s default privacy settings and parts of their terms and conditions were invalid. This judgment provides important guidance on consent and transparency. Background The Federation of German Consumer … Continue Reading
