Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: Data Protection

Posted in Consumer Privacy, Cybersecurity, Data Protection & Privacy, Employment privacy, Financial privacy, Heath privacy/HIPAA, International/EU privacy, Policy & Regulation, privacy and security litigation Joke Bodewits

Dutch Data Protection Authority Sets GDPR Fines Structure

On 14 March 2019, the Dutch data protection authority (Autoriteit Persoonsgegevens, DPA) announced (in Dutch) its fining structure for violations of the European General Data Protection Regulation (GDPR) and the Dutch law implementing the GDPR (Implementation Act).

The GDPR sets two levels of administrative fines that may apply depending on which GDPR provisions have been infringed: The higher of €10 … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy, Policy & Regulation, privacy and security litigation, Technology

A global approach to IoT cybersecurity?

The European Telecommunications Standards Institute (ETSI) has published a new standard for cybersecurity in relation to consumer IoT products. The standard builds on the UK’s Code of Practice for Consumer IoT Security, published in October last year. The Code of Practice was developed by the UK Government following publication of a draft code as part of the Secure by … Continue Reading

Posted in Consumer Privacy, Cybersecurity, Data Protection & Privacy, Employment privacy, Financial privacy, Heath privacy/HIPAA, International/EU privacy, Policy & Regulation, privacy and security litigation Dr. Christian TinnefeldDr. Henrik Hanßen

GDPR Enforcement Update: Increasing Fines Expected from German DPAs | HL Chronicle of Data Protection

Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. Now that the dust of the immediate GDPR compliance rush is settling, the first details of fines imposed under the GDPR and the number of cases pending with Data Protection Authorities (DPAs) in Europe are being made … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Winston MaxwellChristine Gateau

An Approach for Setting Administrative Fines Under the GDPR

Article 83 of the GDPR provides for two levels of administrative fines: a lower level – maximum of €10 million or 2% of the global turnover – for violations relating to record-keeping, data security, data protection impact assessments, data protection by design and default, and data processing agreements; and a higher level – maximum of €20 million or 4% of … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation, Technology Winston MaxwellJohn Salmon

EU: Are blockchain and data protection incompatible?

Since publishing the original version of our guide to blockchain and data protection in September 2017, there has been considerable further commentary from academics, politicians and practitioners, some of which suggested that there is inherent incompatibility of blockchain systems with EU data protection law.

This updated version of our guide puts forward our views on this question, offering a more … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation

Are You Ready for Brazil’s New Data Protection Law?

The Brazilian General Data Protection Law (“Lei Geral de Proteção de Dados” or “LGPD”), passed by Congress on 14 August 2018, will come into effect on 15 February 2020. The new data protection law significantly improves Brazil’s existing legal framework by regulating the use of personal data by the public and private sectors. Very similar to the General Data Protection … Continue Reading

Posted in Copyright, Technology

IP in the mix: European Parliament adopts resolution on DLTs & blockchains

The European Parliament has adopted a non-legislative resolution on distributed ledger technologies (DLTs) and blockchains. In the resolution, which was adopted last month, the Parliament emphasised that the EU has an opportunity to become “the global leader” in the field of DLT and to be a “credible actor” in shaping its development and markets globally. The resolution discusses potential … Continue Reading

Posted in Artificial Intelligence, Data Protection & Privacy Jason Lohr

Legal landmines lie in wait for machine learning applications

An ever increasing variety of companies are incorporating machine learning into their products and services. Machine learning provides the ability to quickly and accurately perform, in parellel, a large number of well-defined tasks. The accuracy will improveover time as additional data is obtaied and the machine learning model continues to “learn”. Many companies, however, are struggling with the best way … Continue Reading

Posted in Data Protection & Privacy Bret Cohen

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. 

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). At first glance, it is clear that the drafters of the … Continue Reading

Posted in Data Protection & Privacy

California Consumer Privacy Act: The Challenge Ahead – Consumer Litigation and the CCPA: What to Expect

This is the fourth installment in Hogan Lovells’ series on the California Consumer Privacy Act

This post discusses litigation exposure that businesses collecting personal information about California consumers should consider in the wake of the California Legislature’s passage of the California Consumer Privacy Act of 2018 (CCPA).

For several years, the plaintiffs’ bar increasingly has relied on statutes like the … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy, e-commerce Roy ZouAdrian EmchSherry GongAndrew McGintyEugene LowMark Parsons

A game changer? China enacts first e-commerce law

In stark contrast to the rapid development of e-commerce in China, it has taken nearly five years and no less than four drafts for China to finalise its first e-Commerce Law. The new law will enter into force on 1 January 2019.

This new law has a remarkably broad scope, encompassing many aspects of e-commerce, including, for example, e-payments, … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy Harriet Pearson

California Consumer Privacy Act: The Challenge Ahead – Introduction to Hogan Lovells’Blog Series

Groundbreaking. Watershed. Unprecedented.

We have heard the California Consumer Privacy Act of 2018 (CCPA) called all these things and more since its enactment on June 28, ‌2018. Our experience to date has confirmed the compliance challenge ahead for organizations that engage with the residents of the world’s fifth-largest economy.

We will explore the ramifications for businesses of this seminal legislation … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Massimiliano MasnadaMarco Berliri

GDPR Italian Implementing Decree Has Been Published

On 4 September, the Legislative Decree no. 101 of 10 August 2018 (the “Decree”) for the national implementation of General Data Protection Regulation (EU) 2016/679 (the “GDPR”) has been published in the Official Journal. The approach of the legislator was to maintain the structure of former Legislative Decree 196/2003 (the “Privacy Code”) which, however, has been extensively amended and … Continue Reading

Posted in Data Protection & Privacy Mark Parsons

India’s Draft Personal Data Protection Bill, 2018: Charting the “Fourth Way”

India’s Committee of Experts, under the chairmanship of Justice B.N. Srikrishna (the Srikrishna Committee), has submitted a draft Data Protection Bill (the Bill) for review by the Ministry of Electronics and Information Technology. The Srikrishna Committee tabled the Bill alongside a report entitled “A Free and Fair Digital Economy – Protecting Privacy, Empowering Indians” (the committee report).

India Charts its Continue Reading

Posted in Data Protection & Privacy Michelle Kisloff

Data class actions in the US

Over the past few years, there has been a surge in class actions challenging companies’ privacy and data security practices. But, while the number of class actions continues to grow, the suits face several significant challenges, have afforded limited relief to individual consumers, and have provided no coherent privacy standards in the US By comparison, the primary government regulator, the … Continue Reading

Posted in Data Protection & Privacy Christine GateauWinston MaxwellEduardo Ustaran

The General Data Protection Regulation timidly opens the doors to data class actions in Europe

More than 15 years after the adoption of the Data Protection Directive1, the European Commission noticed that the current legislative framework on data protection did not adequately deal with the risks associated with online activity2.

Acknowledging this, the General Data Protection Regulation (GDPR)3 was finally adopted by the European Parliament on 14 April 2016, entering … Continue Reading

Posted in Data Protection & Privacy Christine GateauWinston MaxwellChristelle CoslinPauline Faron

French initiatives: “class action” or “collective action” for personal data protection?

Both the French Council of State in its annual report for 2014 as well as the National Digital Council (hereinafter, “CNNum”) in its “Digital Ambition” report voiced support for the creation of an action enabling consumers to collectively seek redress for violations of regulations protecting personal data.

However, their recommendations are different regarding the goal of this action.

After some … Continue Reading

Posted in Data Protection & Privacy Winston MaxwellHarriet PearsonJohn SalmonEduardo Ustaran

Getting to data nirvana – a user’s guide to data lakes and GDPR

A data lake is an infrastructure that permits different data sets from within a group to be combined and analysed together.

To analyse a data lake under GDPR, it is helpful to think of a data lake in two phases, which we analyse in our user guide.

The infrastructure phase

Here, the guide covers:

  • Identify the entity that is
Continue Reading
Posted in Broadcasting, Copyright, Cybersecurity, Data Protection & Privacy, Digital Single Market (EU), e-commerce, Policy & Regulation, Technology, Telecoms & Broadband Peter WattsPenny Thornton

The Brexit White Paper: A digital Brexit?

The UK Government’s White Paper sets out detailed proposals for the UK’s relationship with the EU following Brexit.

As described in our dissection of the document as a whole, the White Paper sees the digital economy as an area of global opportunity for the UK.   So what does the Government have to say about sector?

The White Paper’s distinguishes Continue Reading

Posted in Data Protection & Privacy Eduardo Ustaran

Cookie Consent Is the New Panic

Judging by the number of calls and the intensity of the discussions about how to comply with the cookie consent requirement in a post-GDPR world, this issue has become a top worry for organisations and data protection officers. Partly due to the visibility of the mechanisms used to collect this consent, and partly due to the potential implications of operating … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Mark BrennanTimothy Tobin

California Enacts Sweeping New Comprehensive Privacy Legislation

California continues to be a first mover in privacy in the United States, enacting the US’s toughest and most comprehensive privacy legislation on Thursday, June 28, 2018. Unlike existing state and federal privacy legislation that has generally focused on specific sectors or privacy issues, the California Consumer Privacy Act of 2018 (AB 375), applies broadly to businesses that … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation

New Webcast: Worried about the GDPR? Don’t panic!

If you’ve got any worries about the GDPR – Europe’s new data privacy regime – then we’re here to help with our recently recorded webcast, explaining why there’s no need to panic.

It’s a great discussion, with our industry-leading panel looking offering lots of helpful tips and practical examples of how you can prepare for the GDPR, even after the … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Winston MaxwellPatrice Navarro

One day before the entry into force of the GDPR, the French bill is adopted… but referred to the French Constitutional Council (“Conseil Constitutionnel”)

The General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. In light of the urgency to adapt Law no. 78-17 dated 6 January 1978 to the new European Union law, the French Government has initiated an accelerated procedure. This procedure led to the adoption in final reading by the French National Assembly of the bill on Continue Reading

Posted in Data Protection & Privacy Mark Parsons

Asia Data Protection and Cyber Security Guide 2018

As global focus on data protection and cyber security law and regulation continues to increase, the Asia-Pacific region is increasingly an area of concern for global compliance programs.

Much of the focus internationally has been on preparations for the May, 2018 implementation of the EU GDPR. However, the APAC region is also noteworthy for a number reasons, including China’s ongoing … Continue Reading