EU-U.S. Privacy Shield ensures “adequate level of data protection” but could be improved, EU Commission finds

On October 18, 2017, the EU Commission published its report on the first annual review of the EU-U.S. Privacy Shield. The report reflects the Commission’s findings on the implementation and enforcement of the EU-U.S. Privacy Shield framework in its first year of operation. According to the EU Commission, the Privacy Shield “continues to ensure an […]

Tags: ,

Scientific research in Italy slowed down by new data processing rules?

On December 12, 2017, a new Article 110bis of the Italian Privacy Code came into force, redrafting the discipline concerning use of data for scientific research or statistical purposes. The new Article 110bis, Italian Privacy Code, (Legislative Decree n. 196/2003) introduced three changes that might have harmful consequences for scientific developments. First, it restricts the possibility […]

Tags: ,

WP29 published criteria for appropriate administrative fines in GDPR’s breach

As announced (see here), on October 3, 2017, the Article 29 Working Party(WP29) published its Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679 (GDPR). Once a GDPR infringement is established, the competent supervisory authority (Article 5 1 GDPR)  must identify the most appropriate corrective measure(s) to address the […]

Tags: ,

Digital Single Market: unjustified geoblocking to end by the end of 2018

On November 20, 2017, the European Parliament, the Council and the Commission committed to end all geoblocking that unnecessarily impedes consumers to buy products or services online within the EU. The EU digital single market should “give consumers the same possibility to access the widest range of offers regardless of whether they physically enter a […]


US law firms – especially immigration lawyers – dealing with EU data subject be shall be mindful of future privacy changes

On May 2018, Regulation (EU) 2016/679, on the Protection of Natural Persons with Regard to the Processing of personal Data and on the Free Movement of Such Data, and repealing Directive 95/46/EC (General Data Protection Regulation, in short “GDPR”), will enter into force. The good thing is that starting from that date, the EU will […]

Tags: ,

WP29’s plenary meeting: final guidelines on DPIA and opening for comments on data breach notification and profiling

At its plenary meeting held in October 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the so called General Data Protection Regulation (GDPR). WP29 approved the final version of the DPIA guidelines Guidelines on Data Protection Impact Assessment after having examined the comments received during the public consultation which ended […]

Tags: ,

UK publishes Data Protection Bill – data protection will get stricter

As anticipated (see here), a new Data Protection Bill was introduced to the House of Lords on September 13, 2017 and it officially entered Parliament on September 14, 2017. The new Bill aims at substituting the UK Data Protection Act 1998 and updating data protection laws in accordance with the GDPR. What will it change? […]

Spanish DPA issues Eur 1.2 million fine to Facebook

On September 11, 2017, the Spanish Data Protection Agency (AEPD) issued a closing resolution against Facebook deeming that the company doesn’t process data in accordance with EU data protection law. According to the AEPD, Facebook “collects data on ideology, sex, religious beliefs, personal preferences or browsing activity without clearly informing about how and for what purpose it will use […]

Tags: ,

1 2 3 14