On 5 July 2018, the European Parliament demanded in a resolution that the European Commission suspends its EU-U.S. Privacy Shield unless the U.S. administration introduces adequate data protection safeguards by 1 September 2018. The Privacy Shield agreement is aimed at facilitating data transfers of EU personal data to the United States. The non-binding resolution was … Continue Reading
You may well remember our blog from last year which outlined the Commission’s proposal for a framework in relation to the free flow of non-personal data in September 2017 (you can view our blog here). On 19 June 2018, the European Parliament, Council and the European Commission reached a political agreement on the rules that … Continue Reading
Background On 22 November 2017, the Court of Justice of the European Union (“CJEU”) gave judgment in a case taken by the not-for-profit company, Digital Rights Ireland Limited (“DRIL”). DRIL sought an annulment of the European Commission’s Privacy Shield decision. This decision states that the US ensures an adequate level of protection for personal data … Continue Reading
The European Commission has issued a proposal for a new Regulation on the free flow of non-personal data (“the Proposal”). Background The Commission adopted a Communication in January 2017 on “Building a European Data Economy”, in which its work on free flow of data was announced in the context of actions to enhance the data … Continue Reading
“A year from now, the European Union will start benefiting from the new data protection standards.” This week, the European Commission’s most senior voices gave an official statement promoting the benefits of the new General Data Protection Regulation (GDPR). Andrus Ansip (Vice-President) and Věra Jourová (Commissioner) of the European Commission aimed their statement at all … Continue Reading
The European Commission has imposed a fine of EUR110 million (US$122 million) on Facebook for providing misleading or incorrect information to the European Commission when it filed the acquisition of WhatsApp for merger approval in 2014. In the notification, Facebook stated that it would be unable to establish a reliable automated matching between Facebook users’ … Continue Reading
Google has announced that the EU data protection authorities have reviewed and confirmed its Google Cloud services’ contractual commitments as fully compliant with the EU requirements for transferring personal data to third countries outside the European Economic Area (“EEA”). Model contract clauses The review was carried out in line with Working Paper 226 (‘WP 226’). … Continue Reading
On 26 July, the Article 29 Data Protection Working Party (WP29) released a statement outlining its opinion on the EU-U.S. Privacy Shield, which was adopted by the European Commission earlier this month. After praising the improvements implemented by the Commission and U.S. authorities since its last critical opinion, the WP29 outlined some remaining concerns, including … Continue Reading
On 5 July, the European Commission (“EC”) published a communication outlining measures to improve resilience to cyber incidents, improve cooperation and information sharing, and promote innovation and competition in the European cybersecurity industry. The communication highlights the EC’s intention to take cooperation, knowledge, and capacity to the next level, particularly through the imminent introduction … Continue Reading
Following a positive vote from the Article 31 Committee on 8 July, the EU-US Privacy Shield was formally adopted on 12 July and will enter immediately into force in the EU. In the U.S. the Privacy Shield will be published in the Federal Register, becoming effective on 1 August and will be operated by the … Continue Reading
Mobile health or ‘mHealth’ applications commonly raise complex privacy issues as a result of processing large amounts of sensitive personal data. Following the publication of its Green Paper on the topic in 2014, the European Commission has recently published a draft code of conduct on privacy for mobile health applications (‘the code’). The code provides … Continue Reading
On 25 May 2016 the European Commission published draft legislation aimed at restricting the use of geoblocking and similar practices by websites selling to into the European Union. The European Commission has published a draft regulation aimed at restricting traders from blocking access to websites by customers from other European countries, preventing geographic discrimination through use … Continue Reading
The European Commission (EC) recently proposed the European Cloud Initiative (ECI): a plan to create a world-class data infrastructure to store, manage, transport and process data at high speeds. The primary aims are to support establishment of the ‘Digital Single Market’ in Europe, improve Europe’s position in data-driven innovation, and improve competitiveness and inspire cohesion … Continue Reading
The EU-U.S. data protection Umbrella Agreement consists of a framework of principles and safeguards for trans-Atlantic transfers of personal data (such as criminal records, names and addresses) in relation to the prevention, detection, investigation and prosecution of criminal offences, including terrorism. The agreement seeks to satisfy two core objectives: first, to ensure a high level … Continue Reading
The European Commission (the executive of the EU) recently published the initial findings of its e-commerce inquiry, an investigative process conducted to determine whether and to what extent competition is being restricted or distorted in the sector. The inquiry focused on geo-blocking, a commercial practice whereby online providers block user access to the purchasing of … Continue Reading
Pursuant to its Digital Single Market strategy and adoption of the General Data Protection Regulation (GDPR), the European Commission (EC) has launched a public consultation on the revision of Directive 2002/58/EC, better known as the ePrivacy Directive. Its intention is to bring the existing legal framework up to date “with the challenges of the digital … Continue Reading
On 13 April, the Article 29 Data Protection Working Party (‘WP29’) published its opinion on whether the proposed Privacy Shield programme, which is intended to replace the now-invalid Safe Harbor pact for facilitating trans-Atlantic data flows, achieved an adequate level of protection. The WP29 acknowledged that many of the shortcomings of Safe Harbor have been … Continue Reading
On 22 December 2015, the European Commission announced its next steps towards completing the single market for cross-border parcel delivery. The Commission’s aim is to enhance price transparency and regulatory oversight of the parcel market over the coming year, thereby providing consumers and businesses with better access to digital goods and services across Europe. Cross-border … Continue Reading
In May 2015 the European Commission (EC) announced its strategy for a European ‘digital single market’ (DSM) that mirrors the possibilities of the physical single market. It can be difficult to keep up with the Commission’s ever-evolving plans, so Reed Smith released a Client Alert to review some of the more controversial aspects, including the … Continue Reading
The Article 29 Working Party published a letter it sent to the European Commission urging it to consider the data protection and privacy issues when adopting the secondary regulations (‘Regulations’) necessary to implement two European Union financial services laws. These Regulations are required as part of the implementation of the EU Markets in Financial Instruments … Continue Reading
The European Union economy stands to miss out on the benefits of cloud technology, as legislative measures across the individual Member States act to prevent businesses from using cloud services on an EU-wide level. The use of off-premise cloud technologies offers both economic and productivity benefits to start-ups and larger enterprises, but according to Pearse … Continue Reading
U.S. tech giants, like Google and Facebook, found themselves caught between the European Parliament and the European Commission as disagreements continue as to whether Internet service providers should be included within the definition of ‘market operators’ in the Proposed Directive on Network and Information Security (IP/13/94) (the ‘Directive’). Currently, the EU Commission would like to … Continue Reading
A leaked draft proposal posted by StateWatch and created by the European Commission reports that most Member States appear to be in favour of introducing a three-tiered fine system for non-compliance with EU data protection rules. Under the proposal, which was revised as a result of the 21 April 2015 meeting, all Member States are … Continue Reading
This post was also written by Samantha Daly. On May 6th, The European Commission released it’s much anticipated white paper on its “digital single market’ (DSM) strategy to provide better access for consumers and businesses to digital goods and services across Europe, create the right conditions for advanced digital networks and innovative services to flourish, … Continue Reading
