Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: EU

Posted in Consumer Privacy, International/EU Privacy, News & Events

Commerce Department General Counsel Pushes Back Against EU Attacks on US Privacy

The US privacy framework is under attack from officials in the EU following revelations about NSA surveillance.  Yesterday, US Department of Commerce General Counsel Cameron Kerry delivered his valedictory address before his departure from his position next week, and focused both on the progress made by the Obama Administration in privacy and offered the strongest [...]

Posted in International/EU Privacy

German Data Protection Commissioners Push Government Towards Suspension of U.S. – EU Safe Harbor Regime

According to reports by the German business newspaper Handelsblatt, the German data protection commissioners have sent a letter to the German chancellor Angela Merkel, asking her to push the European Union to suspend the U.S. – EU Safe Harbor regime because of the recently disclosed NSA activities. This letter dates from July 23 and is signed [...]

Posted in International/EU Privacy

European Court Adviser: Right to Be Forgotten Can Infringe Freedom of Expression

The European Court of Justice (ECJ) is considering a critical case regarding the “right to be forgotten” and the application of EU data protection law to Internet intermediaries. The case involves a Spanish individual who is seeking to require Google to delete references to newspaper articles mentioning his prior involvement in debt collection proceedings from its search results. The ECJ’s adviser, Advocate General Niilo Jääskinen, recently issued a non-binding opinion stating that although EU law should apply to Google, the company should not be deemed a “data controller” for its search engine activities. The opinion also warned that the “right to be forgotten” can adversely affect freedom of expression.

Posted in International/EU Privacy

Article 29 Working Party Gives New Guidance on the Principle of Purpose Limitation

The European Union’s Article 29 Data Protection Working Party (“WP29″), which consists of the 27 data protection authorities of the EU Member States, has published the “Opinion 03/2013 on purpose limitation” (Working Paper WP203), adopted on 2 April 2013 (the “Opinion”). The WP29 analyzes and interprets the elements of this principle, and gives numerous examples with [...]

Posted in International/EU Privacy

Endorsements and Delays for Proposed Data Protection Regulation

The legislative process for the European Commission’s (EC’s) proposed Data Protection Regulation is heating up. The European Parliament’s lead committee on the EU’s draft Data Protection Regulation has received more than 3,000 proposed amendments to the reform measure. As a result, the committee has moved its vote on the Regulation from April to the end of May. Some of the 3,000 amendments were submitted last week by Parliament’s Legal Affairs Committee (JURI), which has adopted an opinion generally supporting the proposed Regulation. Viviane Reding, Vice-President of the EC and EU Justice Commissioner, said that JURI’s adoption of the proposed Regulation brings the EU “another step towards the swift adoption of modern data protection reform in Europe.” In an unrelated announcement, the French Minister of Justice stated that France “actively supports” the proposed Regulation, including its provision on the right to be forgotten. The Minister said that France will be vigilant that the Regulation will “not introduce a step backwards” from current French law.

Posted in International/EU Privacy, News & Events

Hogan Lovells Launches Coalition for Privacy and Free Trade: Former EU Ambassador to US, Former US Trade Representative and Former White House Privacy Lead Involved

Hogan Lovells today announced the formation of the Coalition for Privacy and Free Trade. The formation of the new coalition follows the announcement by President Obama that the United States and the European Union soon will commence negotiations for a Transatlantic Free Trade Agreement (formally, the Transatlantic Trade and Investment Partnership (TTIP)), and Japan’s announcement of its [...]

Posted in International/EU Privacy

German Privacy Publication Features Hogan Lovells Piece on Proposed Data Protection Regulation

The German publication, Zeitschrift fur Datenschutz, has just published a piece authored by Christopher Wolf, director of the global Privacy and Information Management practice, entitled “A Critical Time for the EU Data Protection Regulation.” The article highlights issues that have been raised about the proposed Regulation, described as ”real and substantial.”  The point of the piece is [...]

Posted in International/EU Privacy, News & Events

US Government Tells EU: “We Are Adequate”

U.S. Ambassador to the European Union William E. Kennard spoke yesterday at Forum Europe’s 3rd Annual European Data Protection and Privacy Conference and called for a finding by the EU that the privacy protections in the United States are “adequate,” thus allowing cross-border transfers of personal data without separate legal mechanisms.  Canada, Uruguay and Israel are among the [...]

Posted in International/EU Privacy

Recent ECJ Decision Embraces Targeting Theory of Jurisdiction

Last month, the Court of Justice of the European Union (ECJ) issued a ruling on the scope of EU member states’ jurisdiction over internet services. In Football Dataco Ltd v. Sportradar GmbH, the ECJ considered a jurisdictional issue related to the Database Directive, but its opinion could have broader implications for how the EU considers [...]

Posted in News & Events

Live Blogging from “The Public Voice” in Uruguay: WP 29 Chair Says Proposed EU Regulation is Not Tough Enough

At a meeting of civil society in Uruguay today, Article 29 Working Party Chair Jacob Konstamm decried the “fierce lobbying” by the US government and IT companies on the pending EU Regulation and spoke directly to the issue of the explicit consent requirement in the proposed Regulation; the definition of personal data; and the issue of purpose limitation.

Posted in International/EU Privacy

New Article in ABA Antitrust Magazine Contrasts EU-US Proposals for New Privacy Framewrok

In a just-published article for the American Bar Association Antitrust magazine entitled “So Close Yet So Far, The EU and US Visions of a New Privacy Framework.” available through a link in this blog entry, Hogan Lovells Privacy partners Winston Maxwell (Paris) and Chris Wolf (Washington) compare and contrast the pending proposals on both sides of the Atlantic for improvements to the privacy frameworks.

Posted in News & Events

Video Presentations from University of Maine Center for Law and Innovation Program on “Privacy in Practice”

On June 22, 2012, Harriet Pearson, who becomes a Hogan Lovells privacy partner on August 1 and Chris Wolf, co-director of the firm’s Privacy and Information Management Practice, presented at the University of Maine Center for Law and Innovation Program on “Privacy in Practice.” This blog entry containes the videos of their presentations, Harriet’s on Global Data Management Concerns for All Enterprises, Everywhere and Chris’ on the proposed EU Data Protection Regulation.

Posted in International/EU Privacy

Amended UK Cookie Regulation Grace Period Expires; Implied Consent Can Be Valid

For over a year companies have been trying to determine how to achieve compliance with the UK Information Commissioner’s Office’s (ICO) amended Privacy and Electronic Communications Regulations (the “cookies law”), which implemented 2009 amendments to the EU’s Privacy and Electronic Communications Directive of 2002. Last week, the ICO made it clear that reliance on implied consent would be an acceptable form of consent.

Posted in International/EU Privacy

Tension Between Privacy Law and Other Interests Highlighted in Recent German Episode

Chris Wolf, Hogan Lovells Privacy and Information Management Practice Director, has a column in Slate, the daily Web magazine addressing the tension between privacy laws and other societal interests, and the potential for inflexible application of privacy laws in the EU. His discussion is in the context of the prosecution of two reporters for invading the privacy of a former Nazi commando who had been in hiding for decades. A link to the column is included in this blog entry.

Posted in International/EU Privacy

German DPAs Issue Rules for Cloud Computing Use

The German data protection authorities on September 26, 2011 adopted an “Orientation guide – cloud computing.” The guide sets out mandatory and recommended content for any agreement between German users of cloud computing services and cloud computing serving providers. It highlights the customer’s responsibility for full compliance with German data protection requirements for the cloud. Based on this orientation guide, customers and providers will have to review existing agreements in the German market.

Posted in International/EU Privacy

EU Article 29 Working Party Report on ISP and Telecom Carrier Data Retention for Law Enforcement Purposes

Winston Maxwell, a partner in Hogan Lovells’ Paris Office prepared this entry. On July 13, 2010 the EU’s Article 29 Data Protection Working Party adopted a report (http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2010/wp172_en.pdf ) describing how ISPs and telecom carriers retain traffic data for law enforcement purposes in Europe. The European Data Retention Directive 2006/24/EC (http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32006L0024:EN:HTML) was supposed to harmonize national [...]

Posted in International/EU Privacy

Article 29 Working Party Provides Guidance On Data Controller/Processor Concepts

On 16 February 2010, the Article 29 Working Party adopted an opinion on the concepts of data “controller and “processor”, which are crucial for determining who is responsible for compliance with EU data protection rules. The opinion provides a comprehensive analysis as well as practical examples and rules of thumb on how to approach the concepts pragmatically.

Posted in International/EU Privacy

European Commission Updates Model Clauses for International Data Transfers

On February 5th, the European Commission decided to modify the standard contractual clauses for transfers of personal data, repealing the original decision (Decision 2002/87/EU) that introduced these clauses back in 2002. The European Commission considered it necessary to adjust the existing standard contractual clauses to meet the growing challenges of global outsourcing.

Posted in International/EU Privacy

EU ePrivacy Directive and Cookies: The Consent Requirement May Not Be as Broad as Believed

As reported in the press, “the Council of the European Union has approved new legislation that would require Web users to consent to Internet cookies.” But it is not quite as clear-cut as that quote suggests. The consent requirement relates cookies that collect personal data — an important qualification — and some cookies appear to fall outside of the consent requirement. We detail the fine points of what has happened in this blog entry.