Personal data is an important aspect of most M&A transactions because almost all businesses store information about their employees and customers. For some deals, data is critical, and there is a trend among regulators on a global scale to increase sanctions over data privacy and security violations. There is also a risk that data protection violations may render a deal … Continue Reading
Speaking at a recent conference organized jointly by AmCham and EY on “the Internet of Things, Opportunities and Challenges for the Protection of Personal Data”, Sophie Nerbonne, Head of Compliance at the French data protection authority (the CNIL) explained how the CNIL views the opportunities and risks raised by connected devices, focusing particularly on smart meters as a scheme that … Continue Reading
Accountability has been described by the Article 29 Working Party as a way of “showing how responsibility is exercised and making this verifiable”.
Accountability is far from being a new concept. It was introduced back in 1980 in the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.
In 2010, … Continue Reading
On 16 April 2015, the French data protection authority, the CNIL (Commission Nationale de l’Informatique et des Libertés), published its annual report for 2014. The CNIL’s annual report is an opportunity for the authority to report on its activities over the previous year as well as set out its priorities for the coming year. Significantly, a number of … Continue Reading
On 24 March, the French data protection authority (Commission Nationale de l’Informatique et Libertés – the “CNIL”) announced that it will soon make easier the practical implementation of intra-group transfers of data from French entities to entities located outside the European Union where groups of companies have adopted Binding Corporate Rules (BCRs). BCRs are becoming increasingly popular among multinationals … Continue Reading