The EU Cyber Resilience Act (CRA) (Regulation (EU) 2024/2847) is a pioneering piece of EU legislation that establishes mandatory cybersecurity standards for most hardware and software products made available on the EU market....more
By its much anticipated judgment of 4 May 2023, the European Court of Justice (CJEU) specified the requirements under which data subjects affected by a breach of the GDPR can claim for compensation of non-material damages...more
On 13 December 2022, the European Commission (“EC”) published its draft adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”) that is intended to foster trans-Atlantic data flows and address the concerns raised by...more
Ever since the White House issued its Executive Order to pave a path for the new EU-U.S. Data Privacy Framework, stakeholders have provided both praise and criticism about whether the Executive Order sufficiently addresses...more
In a recent judgment, the District Court Munich I granted a data subject compensation under Article 82 GDPR for non-material damages suffered as a result of an unauthorized third-party access to the subject's personal data....more
The table below sets out the guidance provided by data protection authorities (DPA) in response to the European Court of Justice’s landmark judgment in Case C-311/18 Data Protection Commissioner v. Facebook Ireland and...more
7/23/2020
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ireland ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. ...more
2/25/2019
/ Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Germany ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. ...more
2/22/2019
/ Cybersecurity ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
Failure to Comply ,
Fines ,
General Data Protection Regulation (GDPR) ,
Germany ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Regulatory Violations