A new requirement to inform individuals of the exact personal data to be shared with the Administration des Contributions Directes.
The Luxembourg law of 18 December 2015 on the automatic exchange of financial account...more
Paying a cyber ransom will, allegedly, secure your data and give you back control of your systems. But there are legal, operational and ethical risks to consider....more
In the five years since the European Union’s General Data Protection Regulation came into force, what have been the main learnings for business, and what will the future hold?...more
Read the latest updates on the progress of legislation and regulation in the EU relating to technology, data, digital markets and cybersecurity....more
By a decision rendered on 22 November 2022, the European Court of Justice (the Court) invalidates the provision of the anti-money laundering directive (AMLD) whereby the information on the beneficial owners of corporate and...more
On 6 April 2022, following the announcement of the political agreement on a new EU-US Trans-Atlantic Data Privacy Framework having been reached between the European Commission and the United States on 25 March 2022, the...more
On 10 February 2022, the French supervisory data protection authority (CNIL) announced that it issued a formal notice to a website operator to bring its data processing in relation to audience measurement and analysis in...more
The Grand Duchy of Luxembourg has just tabled a bill aimed at transposing the European Directive on whistleblowers. Even if the bill has to go through the entire legislative process, and will most certainly see its text...more
The future of finance is digital. The increased reliance on technology in finance heightens the vulnerability of ICT systems and worsens the impact of a potential cyberattack. To this end, the European Commission (the...more
On 1 October 2019, the Court of Justice of the European Union (CJEU) issued its long-awaited decision in the case Planet49 (Case C-673/17). The decision clarifies the requirements for valid cookie consent under Directive...more
10/3/2019
/ Consent ,
Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
Last year, investment fund managers (IFMs) were caught by surprise with the immediate application of Circular 17/654 on IT outsourcing relying on a cloud computing infrastructure (the Cloud Circular), but every cloud has a...more
The Luxembourg data protection authority (CNPD) has published a list of processing activities triggering a mandatory data protection impact assessment (DPIA) following review by the European Data Protection Board (EDPB)....more
Just before summer recess, Luxembourg Parliament has adopted the law of 1 August 2018 which implements certain parts of the General Data Protection Regulation (GDPR) and repeals the former data protection law of 2 August...more
On 12 September 2017, the Luxembourg Government introduced a bill of law (the Bill) to complement the General Data Protection Regulation EU) 2016/679 (the GDPR). The Bill is planned to enter into force simultaneously with the...more
The Luxembourg Government has, on 4 August 2017, submitted a bill1 to Parliament for the reintroduction of a regime of taxation of intellectual property (IP) rights in Luxembourg.
The new regime is intended to replace the...more
By a decision held on 25 January 2017 (C-375/15), the Court of Justice of the European Union (CJEU) clarified the question of information (in electronic format) that payment service providers (such as banks) convey to their...more
The challenge and risks -
The topic of cybersecurity is seldom out of the press these days, occupying the minds of business leaders and politicians alike. From a business perspective, the ideal outcome would be to...more
On 18 December 2015, the agreed text of the Network and Information Security Directive (the NIS Directive) was released. With cybersecurity firmly established as a key business risk, the introduction of specific laws in this...more
After over three years of discussions at many levels, it is now clear that the proposed EU data protection framework will be revised, and that it will be in the form of a Regulation – the General Data Protection Regulation....more
Huge uncertainty has been caused by the recent judgment of the Court of Justice of the European Union (CJEU) on 6 October that the Safe Harbor decision by the European Commission is invalid. Many companies which previously...more
After the controversial Google Spain decision (which besides the right to be forgotten also dealt with applicable law rules), the Court of Justice of the EU (CJEU) handed down another important – and yet again rather...more
10/16/2015
/ Cybersecurity ,
Data Protection ,
Data Protection Authority ,
Debt Collection ,
Edward Snowden ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
Google ,
Hungary ,
International Data Transfers ,
Internet ,
Internet Privacy ,
Ireland ,
Member State ,
Multinationals ,
National Security ,
National Security Agency (NSA) ,
Online Advertisements ,
Personal Data ,
Privacy Laws ,
Real Estate Market ,
Right to Be Forgotten ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework ,
Websites
After the controversial Google vs. Spain decision (which besides the right to be forgotten also dealt with applicable law rules), the Court of Justice of the EU (CJEU) handed down another important – and yet again rather...more
10/14/2015
/ Advertising ,
Corporate Counsel ,
Data Protection Authority ,
Enforcement Authority ,
EU ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
Google ,
International Data Transfers ,
Jurisdiction ,
Multinationals ,
Popular ,
Right to Be Forgotten ,
Safe Harbors ,
US-EU Safe Harbor Framework ,
Websites ,
Young Lawyers
To become law, the proposed text will need to be adopted jointly by the European Parliament and the Council of Ministers (i.e. ‘ordinary legislative procedure’). In March 2014, the European Parliament voted in plenary and...more
On 18 March 2015, the Luxembourg Parliament approved the legislation ratifying the Unified Patent Court Agreement, the international treaty which establishes the Unified Patent Court. This ratification constitutes another...more