Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Category Archives: Data Protection & Privacy

Posted in Data Protection & Privacy Michelle Kisloff

Data class actions in the US

Over the past few years, there has been a surge in class actions challenging companies’ privacy and data security practices. But, while the number of class actions continues to grow, the suits face several significant challenges, have afforded limited relief to individual consumers, and have provided no coherent privacy standards in the US By comparison, the primary government regulator, the … Continue Reading

Posted in Data Protection & Privacy Christine GateauWinston MaxwellEduardo Ustaran

The General Data Protection Regulation timidly opens the doors to data class actions in Europe

More than 15 years after the adoption of the Data Protection Directive1, the European Commission noticed that the current legislative framework on data protection did not adequately deal with the risks associated with online activity2.

Acknowledging this, the General Data Protection Regulation (GDPR)3 was finally adopted by the European Parliament on 14 April 2016, entering … Continue Reading

Posted in Data Protection & Privacy Christine GateauWinston MaxwellChristelle CoslinPauline Faron

French initiatives: “class action” or “collective action” for personal data protection?

Both the French Council of State in its annual report for 2014 as well as the National Digital Council (hereinafter, “CNNum”) in its “Digital Ambition” report voiced support for the creation of an action enabling consumers to collectively seek redress for violations of regulations protecting personal data.

However, their recommendations are different regarding the goal of this action.

After some … Continue Reading

Posted in Data Protection & Privacy Christine GateauWinston MaxwellEduardo Ustaran

Four key lessons when facing data class actions in Europe

Could the GDPR give rise to forum shopping and are there any pre-litigation strategies that should be considered? Here, we review four key elements that should be kept in mind in respect of data class actions in the EU.

Damages

In the US, many class actions are dismissed for lack of ‘standing’, i.e. because the litigants do not demonstrate that … Continue Reading

Posted in Data Protection & Privacy Winston MaxwellHarriet PearsonJohn SalmonEduardo Ustaran

Getting to data nirvana – a user’s guide to data lakes and GDPR

A data lake is an infrastructure that permits different data sets from within a group to be combined and analysed together.

To analyse a data lake under GDPR, it is helpful to think of a data lake in two phases, which we analyse in our user guide.

The infrastructure phase

Here, the guide covers:

  • Identify the entity that is
Continue Reading
Posted in Data Protection & Privacy Winston MaxwellSam Choi

The starting point for a big data project: the privacy impact assessment

The era of big data is here. Although we are yet to see its full potential, the use of big data analytics is already proving invaluable to businesses and its applications have been found in numerous and diverse sectors.

However, the use of big data has also brought much controversy, particularly when it involves sensitive information, concerns children, minorities or … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Mark BrennanHarriet PearsonBret CohenTimothy Tobin

Now Available: California Consumer Privacy Act: What you need to know now webinar recording and slides

Thank you to everyone who participated in last week’s webinar “California Consumer Privacy Act: What you need to know now.”

In this complimentary webinar, Hogan Lovells partners Mark Brennan, Bret Cohen, Harriet Pearson, and Tim Tobin, discussed:

• What triggered the new law?

• What data is covered?

• What does CCPA require, and how do you start operationalizing the … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Winston MaxwellHarriet PearsonJohn SalmonEduardo Ustaran

Getting to data nirvana – regulatory silo-busting to optimize risk management

“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy.

The job of the legal and compliance teams is to make sure that their company’s data projects do not breach applicable laws.

Their task is not easy because the number of laws regulating the processing … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy, Technology

The connected home: From smart fish tanks to connected kitchen appliances, product companies must navigate GDPR and Product Liability Directive compliance, cyber risk, and other IoT challenges

In this interview, Hogan Lovells Partner Valerie Kenyon and Senior Associate Anthea Davies — members of our Global Product Law team — discuss some of the exciting opportunities and challenges presented by the Internet of Things (IoT) and the connected home. Manufacturers of smart thermostats and fish tanks, connected baby products, intelligent kitchen appliances, and speakers that connect to voice-controlled … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Mark BrennanBret CohenHarriet PearsonTimothy Tobin

Webinar Invitation – California Consumer Privacy Act: What you need to know now

On June 28, 2018, California’s governor signed Assembly Bill 375, a ground-breaking new data privacy law that some are calling the United States’ answer to the European Union’s General Data Protection Regulation (GDPR).  Particularly in light of California’s status as the world’s 5th largest economy, many are wondering how the new California Consumer Privacy Act (CCPA) will affect them.

Please … Continue Reading

Posted in Broadcasting, Copyright, Cybersecurity, Data Protection & Privacy, Digital Single Market (EU), e-commerce, Policy & Regulation, Technology, Telecoms & Broadband Peter WattsPenny Thornton

The Brexit White Paper: A digital Brexit?

The UK Government’s White Paper sets out detailed proposals for the UK’s relationship with the EU following Brexit.

As described in our dissection of the document as a whole, the White Paper sees the digital economy as an area of global opportunity for the UK.   So what does the Government have to say about sector?

The White Paper’s distinguishes Continue Reading

Posted in Data Protection & Privacy Eduardo Ustaran

The Future of International Data Transfers

With the current focus on the coming into effect of the EU General Data Protection Regulation (GDPR), one could (almost) be forgiven for forgetting about the question of international data flows. However, given the political and legal developments currently affecting the future of international data transfers, that would be a very serious strategic mistake. Legitimising data globalisation remains a top … Continue Reading

Posted in Data Protection & Privacy Eduardo Ustaran

Cookie Consent Is the New Panic

Judging by the number of calls and the intensity of the discussions about how to comply with the cookie consent requirement in a post-GDPR world, this issue has become a top worry for organisations and data protection officers. Partly due to the visibility of the mechanisms used to collect this consent, and partly due to the potential implications of operating … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Mark BrennanTimothy Tobin

California Enacts Sweeping New Comprehensive Privacy Legislation

California continues to be a first mover in privacy in the United States, enacting the US’s toughest and most comprehensive privacy legislation on Thursday, June 28, 2018. Unlike existing state and federal privacy legislation that has generally focused on specific sectors or privacy issues, the California Consumer Privacy Act of 2018 (AB 375), applies broadly to businesses that … Continue Reading

Posted in Data Protection & Privacy

Hogan Lovells Updates Practical GDPR Guide

With the coming into effect of the GDPR on 25 May 2018, the modernisation of European privacy laws has reached a critical milestone. Businesses operating in Europe or targeting European customers now need to comply with the new regime. At stake are not only the consequences of non-compliance, but also the ability to take advantage of new technologies, data analytics … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Winston MaxwellHarriet PearsonJohn SalmonEduardo Ustaran

Getting to data nirvana – using the GDPR to create data value

“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy.

The job of the legal and compliance teams is to make sure that their company’s data projects do not breach applicable laws.

Their task is not easy because the number of laws regulating the processing … Continue Reading

Posted in Data Protection & Privacy, Internet, Policy & Regulation, Technology Paul OttoElisabethann Wright

Internet of Things Webinar Recording: Medical Devices

In the third instalment of the 2018 Internet of Things Webinar (IoT) Series, Yarmela Pavlovic, Paul Otto, Elisabethann Wright, and Fabien Roy hosted an educational webinar focusing on the evolving world of connected medical devices.

Fabien described the regulatory framework applicable to digital health technologies regulated as medical devices in the EU. He explained the criteria which must be met … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Winston MaxwellHarriet PearsonJohn SalmonEduardo Ustaran

Getting to data nirvana – understanding data value and ownership

“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy.

The job of the legal and compliance teams is to make sure that their company’s data projects do not breach applicable laws.

Their task is not easy because the number of laws regulating the processing … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation

New Webcast: Worried about the GDPR? Don’t panic!

If you’ve got any worries about the GDPR – Europe’s new data privacy regime – then we’re here to help with our recently recorded webcast, explaining why there’s no need to panic.

It’s a great discussion, with our industry-leading panel looking offering lots of helpful tips and practical examples of how you can prepare for the GDPR, even after the … Continue Reading

Posted in Data Protection & Privacy Tim Wybitul

GDPR Guidance – European Data Protection Board Adopts Art. 29 Working Papers

Data protection authorities set out guidelines for the application of the new EU General Data Protection Regulation

The European Data Protection Board (EDPB) is the joint coordination body of the EU data protection authorities. The EDPB provides guidance on the application of the EU Data Protection Regulation (GDPR). With the GDPR having come into force, the EDPB thus replaces the … Continue Reading

Posted in Data Protection & Privacy Christine GateauTim WybitulMichelle Kisloff

Data Class Actions: the era of mass data litigation

Class actions are commonplace in the United States but relatively rare in Europe.

The European Union wants to change that, by facilitating class actions for mass privacy and data breaches.

With the development of big data, the scope and impact of potential data breaches or losses have indeed significantly increased. In the EU, the GDPR comes into effect. Due to … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Winston MaxwellPatrice Navarro

One day before the entry into force of the GDPR, the French bill is adopted… but referred to the French Constitutional Council (“Conseil Constitutionnel”)

The General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. In light of the urgency to adapt Law no. 78-17 dated 6 January 1978 to the new European Union law, the French Government has initiated an accelerated procedure. This procedure led to the adoption in final reading by the French National Assembly of the bill on Continue Reading

Posted in Data Protection & Privacy, Internet, Technology Christine Gateau

Following a cyber attack, IoT device manufacturers, data controllers, and sellers could face liability under the EU’s Product Liability Directive and the GDPR

Advancements in technology may provide consumers with a continuous stream of upgraded products, but they’re also proving that current security and privacy regulations fall short within the Internet of Things (IoT). New devices with unprecedented capabilities are challenging traditional beliefs about liability and consumer protections. In an environment of ever-changing regulations, how do device manufacturers reduce liability risks?

In this … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy Timothy TobinWinston Maxwell

Straight Talks podcast: Data privacy and cybersecurity in the age of rolling smart devices

The U.S. Environmental Protection Agency was created in 1970 to safeguard the environment against pollutants. The tidal wave of environmental regulations that followed impacted every industry in the United States, especially the automotive market. Decades later, organizations have internalized these regulations into their culture.

Today, the European Union’s General Data Protection Regulation (GDPR) is driving a regulatory wave of similar Continue Reading