Global companies face stricter rules on employee data privacy, in particular when using social media and internal monitoring tools. It also now becomes clearer that many EU Member States will use the opening clause of Art. 88...more
In a time of ever-shorter innovation cycles and the increased digitalization of many value-added chains, established businesses need to constantly evolve and reinvent themselves – even going so far as to rethink their core...more
In a time of ever-shorter innovation cycles and the increased digitalization of many value-added chains, established businesses need to constantly evolve and reinvent themselves – even going so far as to rethink their core...more
January 10, 2017 marked another important step towards reform of the EU data protection framework, with the release of the EU Commission’s proposals for a new Regulation governing privacy and electronic...more
1/18/2017
/ Consent ,
Cookies ,
Data Protection ,
Direct Marketing ,
Electronic Communications ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Internet of Things ,
Telecommunications
Companies required to appoint a data protection officer (“DPO” ) in Europe should carefully consider which candidate is best to select for the job. A company established in Bavaria, Germany, was recently fined by the Bavarian...more
According to a press release of the Data Protection Supervisory Authority in the Land Mecklenburg Vorpommern of November 3, German supervisory authorities have randomly selected 500 companies in Germany and sent them requests...more
On September 12, 2016, the Data Protection Authority of the German Federal State of North Rhine-Westphalia (“DPA NRW”) became one of the first EU data protection authorities to issue guidance on the implementation of the...more
As of, August 1st, 2016, U.S. companies can now join the Safe Harbor successor EU-U.S. Privacy Shield (the “Privacy Shield”) for personal data transfers from the EU to the U.S.
This post gives a high level summary of...more
8/2/2016
/ Certification Requirements ,
Data Protection ,
Data-Sharing ,
Department of Transportation (DOT) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Interstate Commerce ,
Personal Data ,
Self-Certification ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
After receiving the approval of the EU Member States, through the Article 31 Committee, last Friday, the European Commission has today, July 12th, 2016, formally adopted the Adequacy Decision necessary to implement the...more
Can employers look at the company email accounts of employees, such as when they do not show up to work? Can employers monitor employee Internet use during working hours? Can employers read employee emails if they use the...more
Website providers that collect dynamic Internet Protocol addresses (“IP address”) from website visitors may soon be subject to even more scrutiny from data protection authorities in the EU.
Last week, Europe’s Advocate...more
While EU regulators determine whether to adopt a new agreement for transfers of personal data from Europe to the United States to replace the invalid EU-U.S. Safe Harbor Framework, German data protection authorities have not...more
5/11/2016
/ Corporate Counsel ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
European Commission ,
Germany ,
International Data Transfers ,
Personal Data ,
Popular ,
US-EU Safe Harbor Framework
Germany is not only known as one of the best countries for enjoying beer and bratwurst, but it is also known as a country with some of the strictest data privacy laws on the planet. Within this environment, should companies...more
The Düsseldorfer Kreis, a committee made up of representatives of German data protection authorities, recently published guidance on the requirements for obtaining valid consent to the collection, processing and use of...more
5/4/2016
/ Consent ,
Data Collection ,
Data Protection Authority ,
Disclosure Requirements ,
EU ,
General Data Protection Regulation (GDPR) ,
Germany ,
International Data Transfers ,
New Guidance ,
Opt-In ,
Opt-Outs ,
Personal Data
After 4 years of negotiation, today the European Parliament adopted the General Data Protection Regulation (“GDPR“). In doing so, it signaled the end of the EU approval process and put businesses on alert that they now have...more
Recently, the Berlin-Brandenburg Regional Labor Court ruled on the rights of an employer to check browsing history without the employee’s consent.
Orrick’s German employment team published a client newsletter about this...more
Bad news for companies relying on transatlantic data flows as, once again, the transfer of personal data from Europe to the United States is called into question by the Article 29 Working Party (the “Working Party”), an...more
On 29 February 2016 the European Commission issued the legal texts of the EU-U.S Privacy Shield which aims to replace the defunct EU-U.S Safe Harbor Framework as a legitimate mechanism for transferring personal data from the...more
The European Commission has announced that it has reached a deal to replace the EU-US Safe Harbor framework that was declared invalid last year by the Court of Justice of the European Union (“ECJ”). Heralded as the EU-US...more
On December 17, 2015, the German Parliament passed a new act which permits consumer protection associations, industry and commerce chambers or other approved business associations to file privacy class actions. The law is...more
After nearly 4 years of negotiations, yesterday evening the EU reached agreement on the final provisions of its new data protection laws. With it, a new era of data protection has been ushered in that will have far reaching...more
On December 7, 2015, more than two and a half years after the first draft, the European Union Council finally reached an important, informal agreement with the Parliament on important network and information security rules...more
Last Friday (6 November 2015) the EU Commission issued a communication on the transfer of personal data from the EU to the US under the Data Protection Directive following the judgment by the Court of Justice in the Schrems...more
Yesterday, German federal and state (Länder) data protection authorities ("DPAs") issued a Position Paper following the recent Court of Justice of the European Union ("CJEU") ruling that struck down the EU-US Safe Harbor...more
10/27/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Cloud Computing ,
Cybersecurity ,
Data Privacy ,
Data Protection Authority ,
European Commission ,
European Court of Justice (ECJ) ,
Germany ,
International Data Transfers ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
US-EU Safe Harbor Framework
The European Court of Justice’s (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
10/20/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Compliance ,
Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework