One of the key components of the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) is its stronger enforcement mechanisms. Administrative fines are one of the most powerful parts of the enforcement...more
On October 18, the Article 29 Working Party released its draft of “Guidelines on Personal data breach notification under Regulation 2016/679” (“Guidelines on Personal data breach notification,” WP250). The guidelines are not...more
On October 18, the Article 29 Working Party released its draft of “ Guidelines on Automated individual decision-making and Profiling for the Purpose of Regulation 2016/679” (“Guidelines on Automated individual decision-making...more
The EU General Data Protection Regulation’s (GDPR) requirements are coming into focus quickly as EU data protection authorities continue to issue guidance on different aspects of the law. On April 4, 2017, the Article 29...more
The UK Information Commissioner’s Office (ICO) continues to play an active role in shaping data protection law in the EU, notwithstanding the UK’s decision to leave the EU in the aftermath of Brexit. On April 6, 2017, the ICO...more
On February 20, 2017, the Article 29 Working Party released procedures and a template complaint form for implementing the EU-US Privacy Shield. The procedures govern the functioning of the informal data protection authority...more
The EU’s Article 29 Working Party (WP29) held a plenary meeting in early December 2016. At the meeting, the WP29 adopted guidelines and issued FAQs relating to the EU General Data Protection Regulation’s (GDPR’s) provisions...more
After months of back and forth, an updated version of the EU-US Privacy Shield agreement originally announced in February is on the verge of being formally adopted on Tuesday, July 12, 2016. While the final documents...more