Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: GDPR

Posted in Data Protection & Privacy Eduardo Ustaran

ICO Turns Spotlight on Data Broker Industry

Data brokers are organisations that obtain data from a variety of sources and then sell or license it to third parties. Many trade in personal data, which is purchased by their customers for several purposes, most commonly to support marketing campaigns. In 2012, data brokers’ trade in personal data was reported to have generated over $150 billion in revenue.

The … Continue Reading

Posted in Data Protection & Privacy Tim Wybitul

Interview with Jan Albrecht, Dr. Stefan Brink and Tim Wybitul on the New German Data Protection Bill

On 1 February 2017, the German federal cabinet adopted a draft data protection bill. The planned implementation statute aims to supplement and further define the EU General Data Protection Regulation, which will come into force in 2018. The Chronicle of Data Protection’s summary of the most relevant aspects of the draft bill can be found here. We turn now … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Julie Brill

Strengthening international ties can support increased convergence of privacy regimes

The internet has become today’s global trade route, and personal data is one of its major currencies. The growth in the digital economy is impressive. One study found that economic activity taking place over the internet is growing at 10% per year within the G-20 group of nations. In the United States alone, one estimate found that companies exported nearly … Continue Reading

Posted in Digital Single Market (EU) Winston MaxwellFalk SchoeningDr. Nils RauerRod Freeman

DSM Watch: European Commission’s data package explores data ownership, localization, liability and portability, highlighting tensions with GDPR

On January 10, 2017, the European Commission released a Communication, a fact sheet, a working document and a public consultation relating to Europe’s “data economy”.   The fact sheet states that “data is a new type of economic asset”, which is essential for innovation and growth. The Commission’s objective is to remove “unjustified restrictions” and “legal uncertainties” in order … Continue Reading

Posted in Data Protection & Privacy

University Panthéon-Assas (Paris II) and Hogan Lovells Launch a Data Protection Officer Degree

On January 5, 2017 Paris Law School Panthéon-Assas launched its first university degree (diplôme d’université) aimed at training future Data Protection Officers (DPOs) under the new European General Data Protection Regulation (GDPR), which becomes effective across the EU on May 25th, 2018.  Created by Paris University Professor Bénédicte Fauvarque-Cosson and Hogan Lovells partner Winston Maxwell, the new program will include … Continue Reading

Posted in Data Protection & Privacy Eduardo Ustaran

New Notice and Consent Rules under Proposed EU e-Privacy Regulation

The European Commission has released its proposal for a new EU e-Privacy Regulation that will replace the existing e-Privacy Directive.  The high level aim of the draft e-Privacy Regulation is to harmonise the specific privacy framework relating to electronic communications within the EU and ensure consistency with the GDPR. Compared to the existing Directive, the draft e-Privacy Regulation has broader … Continue Reading

Posted in Data Protection & Privacy

Privacy and Cybersecurity January 2017 Events

Please join us for our January 2017 Privacy and Cybersecurity Events.

January 11
Japan’s 2017 Data Privacy and Tech Agenda
Julie Brill and Harriet Pearson will host a presentation by two of Japan’s most senior officials and authorities on recent changes to Japan’s privacy law and the establishment of a new Personal Information Protection Commission (PPC). Yoshikazu Okamoto, Director of
Continue Reading
Posted in Data Protection & Privacy, Policy & Regulation Eduardo Ustaran

Triple GDPR Guidance Issued by Article 29 Working Party

No one could accuse the EU Article 29 Working Party (WP29) of not delivering as promised.  Following its recently held December plenary meeting, the WP29 has released three separate guidelines with their interpretation of some key aspects of the General Data Protection Regulation, namely:

  • data portability,
  • data protection officers (DPOs), and
  • lead supervisory authorities.

At the same time, the WP29 … Continue Reading

Posted in Data Protection & Privacy Conor Ward

The UK’s Cybersecurity Regulatory Landscape: An Overview

Have you visited our online client cybersecurity resource portal: Ready, Set, Respond? Designed by our cross-practice team of global practitioners to provide in-house counsel with the tools they need to prepare for the inevitable cybersecurity incident and quickly and easily stay up to date on the evolving state of cybersecurity regulation around the world, the portal is regularly updated … Continue Reading

Posted in Data Protection & Privacy

GDPR Implementation Guide Available

We are pleased to announce that Hogan Lovells Frankfurt-based Partner Tim Wybitul has published a handbook – EU-Datenschutz-Grundverordnung im Unternehmen: Praxisleitfaden – to assist organizations with compliance with the European General Data Protection Regulation (GDPR). Written in German, the handbook includes plain-language summaries of GDPR requirements as well as project-planning and other checklists and examples to aid companies in complying … Continue Reading

Posted in Data Protection & Privacy Eduardo Ustaran

Why the GDPR is Good News for Business

Not many people will remember this but in 2008, Richard Thomas, the former UK Information Commissioner caused a fairly dramatic stir in the privacy world – at least among policy makers and fellow regulators – by unashamedly proclaiming that European data protection law was outdated and ineffective to address the technological and privacy challenges of the 21st century. At first, … Continue Reading

Posted in Data Protection & Privacy Mark Parsons

Philippines Finalizes Data Privacy Act Implementing Rules

The Philippines Data Privacy Regime

The Philippines’ first comprehensive data protection law, the Data Privacy Act of 2012 (the “Act“), took effect on 8 September 2012. The Act mandated the creation of a National Privacy Commission (“NPC“) to implement, enforce and monitor compliance with the Act, with one of its duties to promulgate rules and regulations … Continue Reading

Posted in Data Protection & Privacy

Privacy and Cybersecurity September 2016 Events

September 12
Cybercrime Compliance
Christian Tinnefeld will discuss compliance management requirements relating to new anti-cybercrime regulations at a Financial Experts Association event.
Location: Hamburg, Germany

 

September 15
Data and Business
Scott Loughlin will participate in a breakout session on “Privacy and Cybersecurity: A Big Deal for Big Deals” at the IAPP P.S.R. Conference.
Location:
Continue Reading
Posted in Data Protection & Privacy

Future-Proofing Privacy: Data Protection in the Workplace

Relevance of employee data protection for enterprises 

Data privacy in an employment context remains a challenge for companies. On the one hand, employers have a strong interest in monitoring personnel conduct or performance. Few controllers are likely to have collected more personal data about an individual than their employer. On the other hand, employees have a reasonable expectation of privacy … Continue Reading

Posted in Data Protection & Privacy

Future-Proofing Privacy: Enforcement and the Risk of Non-Compliance

One of the major purposes of the Regulation is to ensure a consistent application of data protection law throughout the EU, not only to provide a high level of data protection but also to guarantee legal certainty for businesses when handling personal data. This has presented legislators with one of their biggest challenges: how to maintain the existing network of … Continue Reading

Posted in Data Protection & Privacy Victoria Hordern

mHealth Code to Aid App Developers in the EU

There have been some pretty big claims about the potential of mHealth. One 2012 study predicted that in 2017 mHealth could potentially save a total of USD $99 billion in healthcare costs across the EU. The European Commission has also actively promoted the importance of mHealth following their 2014 consultation. One of the initiatives to emerge from the Commission has … Continue Reading

Posted in Data Protection & Privacy

Future-Proofing Privacy: International Data Transfers 2.0

The Data Protection Directive and the Regulation both impose restrictions on the transfer of personal data by EU based businesses (whether those businesses are data controllers or data processors) to destinations outside the EEA.

Recap on current framework

Transfers of personal data to a third country outside the EEA are allowed under the current Data Protection Directive only if one … Continue Reading

Posted in Data Protection & Privacy

Future-Proofing Privacy: Data Processors’ New Obligations

What’s the deal?

The Regulation will have a significant impact on service providers/vendors (i.e. data “processors”) and organisations that engage them because:

  • The Regulation imposes a number of detailed obligations and restrictions directly on processors, unlike the current Directive that only applies to data controllers
  • A processor will be fully liable for the actions of any sub-processor that it uses
Continue Reading
Posted in Data Protection & Privacy

Future-Proofing Privacy: The New Accountability Regime

Background of the notion of accountability

Accountability has been described by the Article 29 Working Party as a way of “showing how responsibility is exercised and making this verifiable”.

Accountability is far from being a new concept. It was introduced back in 1980 in the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.

In 2010, … Continue Reading

Posted in Data Protection & Privacy

Future-Proofing Privacy: Profiling Restrictions versus Big Data

A stricter regime for profiling

Profiling and big data analytics are set to play a pivotal role in the growth of the digital economy. From cookie-based tracking to people’s interaction through social media, the size and the degree of granularity of our digital footprints have created unprecedented opportunities for business development and service delivery. The scale of data collection, data … Continue Reading

Posted in Data Protection & Privacy

Future-Proofing Privacy: New and Stronger Rights

The Regulation aims to strengthen the rights of individuals. It does so by retaining rights that already exist under the Data Protection Directive and introducing the new rights of data portability, the right to be forgotten, and certain rights in relation to profiling. In this chapter we look at each of these rights in turn and assess the likely practical … Continue Reading

Posted in Data Protection & Privacy

Future-Proofing Privacy: Justifying Data Uses

Grounds for processing

Currently, under the Data Protection Directive, each instance of data processing requires a legal justification – a “ground for processing”. This fundamental feature of EU data protection law will remain unchanged under the Regulation. However, the bar for showing the existence of certain grounds for processing will be set higher. This is especially true with regards to … Continue Reading