Life With GDPR: Cookie Compliance
Universal Consent: Building Beyond Cookie Consent
Data Dividend: What is Personal Data Worth?
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
Fashion Counsel: Privacy in the Retail Fashion Industry
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more
On 11 July 2022, the Voivodeship Administrative Court in Warsaw (the "WSA") overturned the decision of the President of the Personal Data Protection Office (the "President of the PDPO"), concluding that any user information...more
11 lipca 2022 roku Wojewódzki Sąd Administracyjny w Warszawie („WSA”) uchylił decyzję Prezesa Urzędu Ochrony Danych Osobowych („Prezes UODO”), nie zgadzając się z tym, że każda informacja o użytkowniku, zapisana poprzez pliki...more
United Kingdom New Standard Contractual Clauses Submitted to Parliament - The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
What is the General Data Protection Regulation (GDPR)? The GDPR is an EU law that was passed by parliament and went into effect on May 25, 2018. The GDPR unifies the EU under a single data protection regime for all member...more
It’s generally recognized that the General Data Protection Regulation (GDPR) can apply to entities outside the European Union. However, scant court rulings guide non-European controllers and processors on this question. The...more
The myriad of data privacy laws across Europe can make it challenging for companies engaged in cross-border business. Between the GDPR, the landmark Schrems II decision, local data privacy laws and Brexit complications...more
Following its Guidance issued on April 6, 2020, the Irish Data Protection Commission signaled its intent to begin enforcement against companies who fail to adhere to the Commission’s guidelines on the use and management of...more
Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more
Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared a compilation of key GDPR-related developments of the past 12 months. The compilation...more
On 7 March 2019, the Dutch Data Protection Authority published guidance (in Dutch) that it considers “cookie walls” to violate the GDPR. A cookie wall is a pop-up on a website that blocks a user from access to the website...more
Following numerous privacy complaints, the State Office for Data Protection Supervision (BayLDA) recently conducted a random audit on 40 companies and found widespread problems with their cookie disclosures....more
The European Commission has released proposals for new legislation that seeks to create stronger privacy in electronic communications. The draft Privacy and Electronic Communications Regulation (the “Regulation”) is intended...more