Tag Archives: EU

South Korea joins APEC’s Cross Border Privacy Rules system

This week, it was officially announced that South Korea has become the fifth country to join the Asia-Pacific Economic Cooperation’s (APEC) Cross Border Privacy Rules (CBPR) system. This system was developed by APEC in 2011 to “build consumer, business and regulator trust in cross border flows of personal information” and thus facilitate e-commerce among APEC … Continue Reading

One year to go – European Commission issues statement on benefits of GDPR

“A year from now, the European Union will start benefiting from the new data protection standards.” This week, the European Commission’s most senior voices gave an official statement promoting the benefits of the new General Data Protection Regulation (GDPR). Andrus Ansip (Vice-President) and Věra Jourová (Commissioner) of the European Commission aimed their statement at all … Continue Reading

Preparing for the GDPR: what you need to know

Data protection procedures will require an overhaul for any company that offers goods and services, or tracks individuals, in the EU under the European General Data Protection Regulation (GDPR) to take effect from 25 May 2018. Given the changes in compliance requirements that the GDPR entails, it is vital that you use 2017 to audit … Continue Reading

European Commission Publishes Proposal for Signing the EU-U.S. Umbrella Agreement

The EU-U.S. data protection Umbrella Agreement consists of a framework of principles and safeguards for trans-Atlantic transfers of personal data (such as criminal records, names and addresses) in relation to the prevention, detection, investigation and prosecution of criminal offences, including terrorism. The agreement seeks to satisfy two core objectives: first, to ensure a high level … Continue Reading

Turkish Parliament Enacts New Data Protection Law

In a step toward its accession to the EU, Turkey has enacted its first comprehensive Data Protection Law. The law was passed by the Turkish Parliament 24 March and published in the Official Gazette 7 April. The law is based largely on the EU Data Protection Directive (95/46/EC), and as such introduces familiar definitions of … Continue Reading

EU General Data Protection Regulation in force from 25 May 2018: the Countdown to Compliance starts now

The long-awaited General Data Protection Regulation was published in the Official Journal of the European Union on 4 May 2016. This means that the most comprehensive reform to the EU’s omnibus data protection law in 20 years will apply throughout the European Union from 25 May 2018. We have written in previous posts (here and here) … Continue Reading

Privacy Shield does not achieve adequacy of protection under current regime, say EU Data Protection Authorities

On 13 April, the Article 29 Data Protection Working Party (‘WP29’) published its opinion on whether the proposed Privacy Shield programme, which is intended to replace the now-invalid Safe Harbor pact for facilitating trans-Atlantic data flows, achieved an adequate level of protection. The WP29 acknowledged that many of the shortcomings of Safe Harbor have been … Continue Reading

Study reports draft EU Data Protection Regulation leaves gaps in protection when it comes to Big Data, Internet of Things and smart devices

A study published 22 September 2015 criticises the EU’s development of its Digital Single Market (‘DSM’) strategy for being overly commercially and economically driven, with little attention to the key legal and social challenges regarding privacy and personal data protection. The development of the DSM should not be at the expense of individuals’ privacy rights, say … Continue Reading

Tech giants caught between EU disagreements on scope of Proposed Network and Information Security Directive

U.S. tech giants, like Google and Facebook, found themselves caught between the European Parliament and the European Commission as disagreements continue as to whether Internet service providers should be included within the definition of ‘market operators’ in the Proposed Directive on Network and Information Security (IP/13/94) (the ‘Directive’). Currently, the EU Commission would like to … Continue Reading

EU Commission Publishes Work Program for 2015

The European Commission’s work program for 2015 covers 10 actions for 2015, including a “connected digital single market” across the EU. As part of the Digital Single Market Package, the Commission aims to conclude negotiations on the European data protection reform and the Regulation, and to propose changes to deal with existing challenges in the … Continue Reading

Presidency of the Council of Ministers publishes amendments to ‘one stop shop’ of the draft EU Data Protection Regulation

In October 2013, we reported on the move towards a ‘One Stop Shop’ (OSS) approach to EU Data Protection. The OSS principle aims to create consistency for international organisations to process personal data in multiple member states through the appointment of a single competent authority to monitor the data-controller’s activities across all EU Member States. … Continue Reading

The EU Cyber Security Directive: Latest Developments

The Cyber Security Directive (formally known as the Network & Information Security Directive) (the Directive) was considered by the European Parliament (the Parliament) in March. After a first reading of the Directive, MEPs voted strongly in favour of its progression to the next stage of the legislative process. This will involve negotiations between the European … Continue Reading

European Parliament votes in favour of new Data Protection Regulation

This post was written by Cynthia O’Donoghue. In March, the European Parliament voted overwhelmingly in favour of implementing the draft Data Protection Regulation, making its commitment to reforming the European regime irreversible. In order to become law, the Regulation must now be negotiated and adopted by the Council of Ministers. Discussions around reform began in … Continue Reading

Article 29 Working Party and APEC authorities release “practical tool” to map the requirements of the BCR and CBPR regimes

At the beginning of March, representatives of the EU Article 29 Working Party and the Asia-Pacific Economic Cooperation (which includes, among others, the United States and the People’s Republic of China) announced the introduction of a new Referential on requirements for binding corporate rules (the Referential). Both the EU and Asia-Pacific Economic Cooperation (APEC) regimes … Continue Reading

EU Research Group Condemns EU Regulation for Restricting Growth in Life Sciences Sector

The Wellcome Trust has collaborated with a number of leading medical research organisations to lobby the European Parliament and the Council of Ministers against amendments to the proposed EU Regulation, which could severely restrict the future growth of the life sciences sector in the EU. The lobby group comprises of the European Organisation for Research … Continue Reading

ENISA Publishes Report & Good Practice Guide on Government Cloud Deployment

The EU Agency for Network and Information Security (ENISA) announced in a press release that it has produced a report titled ‘Good Practice Guide for Securely Deploying Governmental Clouds’, which analyses the current state of play regarding governmental Cloud deployment in 23 countries across Europe, categorised on a scale of “Early adoptors”, “Well-Informed”, “Innovators” or … Continue Reading

Article 29 Working Party adopts a “general positive stance” in its Opinion on the new EU Data Privacy Regulation and Directive

This post was written by Cynthia O’Donoghue. In the Article 29 Working Party’s Opinion on the new EU data protection reforms, the Working Party has carefully studied both the Regulation and the Directive, and has given its first general reaction. The Working Party welcomed the provisions intended to clarify and strengthen the rights of individuals, including … Continue Reading

“Stick, Twist or Bust?” UK Minister warns EU Commission not to gamble with the future direction of data protection law.

This post was also written by Nick Tyler. The UK Minister responsible for government policy on data protection has raised concerns about any proposed “radical rewrite” of the EU Data Protection Directive. Kenneth Clarke, Lord Chancellor and Secretary of State for Justice, called for both flexibility and a common-sense solution to modernising data protection law. He … Continue Reading
LexBlog