"Monsters Inc." y el tratamiento de los datos
Introducing The Crypto Exchange Podcast
Episode #7 - It's All About Latency: The Future of Data Processing and Storage
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Compliance Perspectives: Regulatory Conflicts in Data Privacy Laws
Compliance Perspectives: Compliance, GDPR and Brexit
The CCPA for the Land Title Industry: Who Does the CCPA Apply To?
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
On September 4, 2025, the Court of Justice of the European Union (“CJEU”), delivered its judgment in European Data Protection Supervisor ("EDPS") v. Single Resolution Board ("SRB") (C-413/23 P). The decision clarifies two...more
You never think about breathing air. Most of the time, you’re not consciously moving your legs as you walk. You don’t have to remind yourself to blink every few seconds. For modern businesses, that’s what processing personal...more
As we pass the mid-point of 2025, it’s a good time to review the important developments we have seen in the first 6 months of this year, particularly reforms to the UK’s data protection laws, the EU’s pathway to...more
The rise of artificial intelligence (AI) and its widespread availability offers significant growth opportunities for businesses. However, it necessitates a robust governance framework to ensure compliance with regulatory...more
Cloud-based HR systems have become standard for multinational businesses, driving efficiency but also increasing compliance and privacy risks. Indeed, a recent Workday case, which originated in Germany, has clarified the...more
italiano: Privacy per Startup – I primi passi When launching a startup in Italy, it is critical to comply with the applicable data protection requirements. Failing to do so can lead to significant risks in terms of liability...more
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more
In 2018, there were two comprehensive state data privacy bills introduced across the United States and a whopping zero were in effect. Fast forward six years and there have been 41 new data privacy bills considered this year...more
The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension...more
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
Introduction - We have compiled the main differences between the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing...more
Governing Data Protection Legislation - 2.1. Overview of principal legislation - The General Regulation Data Protection (Regulation (EU) 2016/679) (“GDPR”), as implemented by Law 190/2018 is the principal data...more
In a recent decision, the Upper Tribunal dismissed an appeal by the UK Information Commissioner, finding that Experian’s data processing practices had in fact been lawful. The appeal focussed on whether Experian had...more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Introduction - The General Data Protection Regulation (Regulation (EU) 2016/679) is the EU regulation which is directly applicable in all member states of the EU, including the Czech Republic, as of 25 May 2018. The new...more
Data processing agreements are a standard part of business arrangements involving personal data due to the European Union’s General Data Protection Regulation as well as the ever-expanding number of U.S. consumer privacy...more
The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more
GDPR compliance can be tricky. Even if you summon the willpower to read through the law’s text, it can be tough to know where to start. As an alternative to pouring through the GDPR’s legalese, one way to establish a...more
What Happened? On July 10, 2023, the European Commission (‘EC’) adopted its long-awaited adequacy decision approving the EU-U.S. Data Privacy Framework (‘DPF’). By doing so, the EC is confirming that personal data...more
The Pakistan Ministry of Information Technology and Telecommunication (MITT) released a new draft of the Personal Data Protection Bill, 2023 (the PDPB) on 19 May 2023. The PDPB aims to regulate the collection, processing,...more
Texas will soon join the growing list of states that have passed comprehensive data privacy legislation. House Bill 4, the Texas Data Privacy and Security Act (“TDPSA” or the “Act”), has a broad reach and will apply to all...more
Article 38 of China’s Personal Information Protection Law (“PIPL”) enacted in 2021, which is more demanding than GDPR in Europe, provides three channels to conduct the outbound transfer or export of personal information...more
On January 12, 2023, the Court of Justice of the European Union (CJEU) ruled that the data subject’s right of access to personal data requires controllers to provide the data subject with the identity of the companies that...more
For American companies doing business in Europe and European businesses relying on U.S. vendors and service providers, 2023 may be the year when Europe and the United States finally come together to implement a viable and...more
On January 19, the Irish Data Protection Commission (DPC) announced the conclusion of an inquiry into the data processing practices of a U.S.-based messaging service’s Ireland operations and fined the messaging service €5.5...more