Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: article 29

Posted in Data Protection & Privacy Photo of Mac Macmillan

UK ICO Publishes Guidance on Consent Under GDPR

The UK Information Commissioner’s Office has just published draft guidance on consent under GDPR. This is an interesting move given that the Article 29 Working Party has promised guidance on the same topic later this year, but reading the guidance makes it clear why the ICO decided to prioritise it: many of the practices which it identifies as unacceptable are fairly common in the UK, meaning many companies are going to have to re-think their approach to legitimising their data processing. A few examples: The new guidance states: “name your

Posted in Data Protection & Privacy, Policy & Regulation Photo of Eduardo UstaranPhoto of Sam Choi

Triple GDPR Guidance Issued by Article 29 Working Party

No one could accuse the EU Article 29 Working Party (WP29) of not delivering as promised.  Following its recently held December plenary meeting, the WP29 has released three separate guidelines with their interpretation of some key aspects of the General Data Protection Regulation, namely: data portability, data protection officers (DPOs), and lead supervisory authorities. At the same time, the WP29 has confirmed its role as the “EU centralised body” for handling individual complaints under the Privacy Shield and the re-establishment of its enforcement subgroup in charge of coordinating cross-border enforcement

Posted in Data Protection & Privacy Photo of Eduardo UstaranPhoto of Bret CohenPhoto of Katherine Gasztonyi

Details of Legal Challenge to Privacy Shield Revealed

Ever since the first draft of the EU-US Privacy Shield framework was published in early 2016, groups opposed to the idea have indicated their intent to challenge the legality of the framework under EU law. Recently, the privacy advocacy group Digital Rights Ireland (DRI) made good on that promise.  Following the filing of a formal complaint on 15 September asking for an annulment of the framework by the Court of Justice of the European Union (CJEU), DRI has now made public the details of its complaint. In the complaint, DRI

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

EU-U.S. Umbrella Agreement Gets ‘Amber Light’ from Article 29 Working Party

The Article 29 Working Party issued a revealing statement about the so-called EU-U.S. Umbrella Agreement, which is aimed at creating a high-level data protection framework in the context of transatlantic cooperation on criminal law enforcement. As a sign of support for the deal, the Working Party welcomes the initiative to set up a general data protection framework in relation to law enforcement cooperation.  In a fairly positive tone, the Working Party states that the Umbrella Agreement “considerably strengthens the safeguards in existing law enforcement bilateral treaties with the US, some of

Posted in Data Protection & Privacy Photo of Julie BrillPhoto of Bret CohenPhoto of Eduardo UstaranPhoto of Harriet Pearson

Privacy Shield Receives Final Approval from European Commission—Some Initial Practical Advice

On 12 July 2016, the European Commission issued its much awaited “adequacy decision” concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S. This adequacy decision is based on the latest version of the Privacy Shield, which was further negotiated and revised following the Article 29 Working Party’s April 2016 concerns with the terms of the original Privacy Shield framework. Many of our clients have questions about Privacy Shield—what it is, when it will be available for use, and how it differs from

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

Untying the Global Dataflows Mess

One of Harry Houdini’s most difficult tricks consisted of escaping from a nail-fastened and rope-bound wooden crate with manacles on his hands and feet, while submerged in New York’s East River. That feat is starting to look straightforward when compared to the prospect of lawfully exporting personal data out of the European Union. The restrictions on transfers of data to jurisdictions that do not provide an adequate level of protection have been in place for more than 20 years. And while these restrictions have not prevented the development of the

Posted in Data Protection & Privacy Photo of Victoria Hordern

Article 29 Working Party Sees Privacy Shield Glass Half Empty

From the moment that the Chairman of the Article 29 Working Party, Isabelle Falque-Pierrotin, announced at a press conference on 3rd February this year that the Working Party would assess the standing of the EU-US Privacy Shield under EU law, privacy professionals have been waiting to see what the Working Party’s view would be.  Earlier this week, on 13th April, the Working Party provided their initial opinion.  On the one hand, the Working Party welcomed the significant improvements of the Privacy Shield as a positive step forward. Yet, on the

Posted in Data Protection & Privacy, TMT2020 Photo of Harriet PearsonPhoto of Eduardo UstaranPhoto of Bret CohenPhoto of Katherine Gasztonyi

TMT2020: Inside the New EU-U.S. Data Framework: A Practical Breakdown of the Privacy Shield

EDITOR’S NOTE:  We are excited to present this entry in our new TMT2020 series, which reflects the key technology, media, and telecoms legal issues that are expected to impact today’s organizations and tomorrow’s marketplace.  It also provides an opportunity to highlight contributions by TMT associates across our global offices and practice areas.  The February 29, 2016 announcement of the new EU-U.S. data transfer framework—the Privacy Shield—was accompanied by over 130 pages of documentation and significantly more operational details than its predecessor, Safe Harbor.  We have reviewed the Privacy Shield materials and

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

International Data Transfers – The Uncertainty Continues

Following the announcement by the European Commission of the newly agreed EU-US Privacy Shield, the missing piece of the jigsaw was the Article 29 Working Party’s stance on the adequacy of the existing mechanisms in place—in particular, standard contractual clauses and binding corporate rules (BCR).  So after two days of intense discussions, the Working Party has issued a statement with its latest position, which is the follow up to their original reaction to the invalidation of Safe Harbor last October.  The bottom line: the Working Party still does not view