The Council of the European Union (Council) released a new draft of the ePrivacy Regulation (Council doc. 5642/21) on January 5, 2021. Various versions of the ePrivacy Regulation have been under consideration in the Council...more
2/11/2021
/ Consent ,
Cookies ,
Cybersecurity ,
Data Protection ,
e-Privacy Directive ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Metadata ,
Personal Data ,
Regulatory Requirements
Schrems II may force companies obligated to produce EU personal data to the task of determining whether to comply with US discovery obligation rules that risk fines under the GDPR for illegal data transfers or to defy the US...more
8/24/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
During the coronavirus (COVID-19) pandemic, we have seen a dramatic shift from in-person visits to telehealth services around the globe, unveiling what may be the new normal for providing healthcare services....more
8/14/2020
/ China ,
Coronavirus/COVID-19 ,
Germany ,
Health Care Providers ,
Infrastructure ,
Patient Access ,
Singapore ,
Telehealth ,
Telemedicine ,
United Arab Emirates (UAE) ,
United States
The Court of Justice of the European Union (ECJ) has finally issued its decision on the validity of standard contractual clauses (SCCs) in the Irish Data Protection Commissioner’s referral to the ECJ for an opinion on the...more
7/20/2020
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ireland ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The German Federal Court of Justice (BGH) ruled on May 28 that an opt-out for cookies settings is inadmissible under German law under Section 15(3) of the German Telemedia Act (TMG) in conformity with the ePrivacy Directive...more
A recent amendment to Germany’s foreign direct investment ordinance adds new businesses to the existing catalogue of critical infrastructures—in particular, in the health sector—that will be subject to foreign direct...more
New patient consent forms in Germany cover the use of patient care data and clinical and biomedical research.
German Data Protection Commission DSK has approved a revised version of forms that the so-called Medical...more
Germany debates whether apps related to the coronavirus (COVID-19) pandemic would be useful, what they should cover, and what the ramifications would be under applicable data protection laws. ...more
A new law in Germany aims to benefit consumers and microenterprises by protecting the loss of essential services in the form of temporary deferrals of contractual obligations and loans during the coronavirus (COVID-19)...more
The EU General Data Protection Regulation allows the temporary suspension of some data-protection rights in times of crisis, such as the outbreak of the 2019 Novel Coronavirus. This installment of The eData Guide to GDPR...more
3/10/2020
/ Best Practices ,
China ,
Coronavirus/COVID-19 ,
Crisis Management ,
Emergency Management Plans ,
EU ,
EU Data Protection Laws ,
France ,
General Data Protection Regulation (GDPR) ,
Germany ,
Infectious Diseases ,
International Data Transfers ,
Italy ,
Personal Data ,
Policies and Procedures ,
Popular ,
Public Health ,
Risk Management
Following a legal challenge to the validity of data transfers from organizations in Europe to organizations in countries like the United States, the opinion of the Advocate General (AG) of the Court of Justice of the European...more
California is the fifth largest economy in the world. Its new laws and regulations have an impact far beyond its borders. Many Non-US companies do business in California. The California Consumer Privacy Act (CCPA), which...more
The German Federal Office for Information Security (BSI) has determined the suitability of an industry-specific security standard (B3S) with which hospitals can align their IT security measures. The B3S standard was developed...more
The EU Commission issued its report on the third annual review of the functioning of the EU-US Privacy Shield (Privacy Shield) on October 23. The annual review and corresponding report is required of the Commission by the its...more
A recent ruling by the Court of Justice of the European Union (CJEU) established that companies seeking to store “cookies” that are used to track online browsing behavior must obtain “active consent.” The ruling is likely to...more
The EU Council Presidency on September 18 put forward to member states an 88-page compromise proposal on the Eprivacy Regulation with considerable changes and amendments. There are several proposed changes to the provisions...more
The European Union (EU) has adopted an adequacy framework for the transfer of personal data between Japan and the European Union. This framework is a mutual arrangement that applies to both sides as of January 23, 2019....more
From time to time, data controllers are confronted with the question of whether data subjects can raise claims for specific security measures against the controller under Article 32 of the EU General Data Protection...more
The European Court of Justice (ECJ) in Luxembourg rendered a judgment on July 12 that explains, among other things, what a (joint) data controller is. The judgment is on the “old” EU Data Protection Directive 95/46/EC, but...more
Based on the flood of updated privacy policies that have inundated email boxes throughout the world, it is clear that the European Union's General Data Protection Regulation (GDPR) is now in full effect. The EU's new European...more
Germany’s EU Data Protection Adaptation and Implementation Act addresses issues left open by the General Data Protection Regulation and implements the EU Directive 2016/680 on Data Protection for the Prevention and...more
On March 23, US President Donald Trump signed the omnibus spending bill, a portion of which contained the Clarifying Lawful Overseas Use of Data Act (CLOUD Act). The CLOUD Act’s main goal is to offer guidance to providers of...more
On February 15, 2017, the European Parliament (EP) made a significant step toward reforming the EU Emission Trading System (ETS) post-2020, adopting a draft proposal that seeks middle ground with a tight vote of 379 for/263...more
The new law gives UK intelligence and law enforcement bodies sweeping surveillance powers.
The IPA was introduced in response to recommendations that David Anderson QC made, in his capacity as the Independent Reviewer of...more
As of September 30, Russian state authorities now reject tender submissions for supply of certain foreign electronic equipment if there are two concurrent submissions for supply of locally produced equipment. The ban applies...more