The European Union’s Article 29 Data Protection Working Party (“WP29″), which consists of the 27 data protection authorities of the EU Member States, has published the “Opinion 03/2013 on purpose limitation” (Working Paper WP203), adopted on 2 April 2013 (the “Opinion”). The WP29 analyzes and interprets the elements of this principle, and gives numerous examples with [...]
Tag Archives: European Union
Endorsements and Delays for Proposed Data Protection Regulation
The legislative process for the European Commission’s (EC’s) proposed Data Protection Regulation is heating up. The European Parliament’s lead committee on the EU’s draft Data Protection Regulation has received more than 3,000 proposed amendments to the reform measure. As a result, the committee has moved its vote on the Regulation from April to the end of May. Some of the 3,000 amendments were submitted last week by Parliament’s Legal Affairs Committee (JURI), which has adopted an opinion generally supporting the proposed Regulation. Viviane Reding, Vice-President of the EC and EU Justice Commissioner, said that JURI’s adoption of the proposed Regulation brings the EU “another step towards the swift adoption of modern data protection reform in Europe.” In an unrelated announcement, the French Minister of Justice stated that France “actively supports” the proposed Regulation, including its provision on the right to be forgotten. The Minister said that France will be vigilant that the Regulation will “not introduce a step backwards” from current French law.
European Regulators State that Non-EU Mobile Apps Must Comply with EU Privacy Laws
The European Union’s Article 29 Data Protection Working Party (“WP29“), which consists of the 27 data protection authorities of the European Union Member States, has published its “Opinion on Apps in Smart Devices“, adopted on 27 February 2013 (the “Opinion“). Applicability of EU laws According to WP29, the 1995 Data Protection Directive applies to all [...]
Privacy Law in 2012: Where We Are and Where We Are Going
On August 3, at the ABA Annual Meeting, the ABA Section of Administrative Law and Regulatory Practice held a panel moderated by Hogan Lovells privacy leader Chris Wolf entitled “Privacy Law in 2012: Where We Are and Where We Are Going.” The article below, reprinted with permission from ABA Now, describes thoughts of the panelists on the future of privacy in the US and in Europe.
Blogging from IAPP London: BCRs Key to Accountability and Interoperability
Are BCRs the key to global interoperability? Some think so at the IAPP London conference. This post discusses opinions from conference presenters — will BCRs will become more and more popular as corporations implement new accountability measures, or will they fade under the weight of continued bureaucracy?
Details of EU Data Protection Reform Reveal Dramatic Proposed Changes
Although the European Commission was expected to release its overhaul of the 1995 Data Protection Directive (95/46/EC) next month, some of the details of those changes emerged earlier than expected this week. In this post, we summarize the many key changes between the Data Protection Directive and the Commission’s draft Data Protection Regulation.
German DPAs Issue Rules for Cloud Computing Use
The German data protection authorities on September 26, 2011 adopted an “Orientation guide – cloud computing.” The guide sets out mandatory and recommended content for any agreement between German users of cloud computing services and cloud computing serving providers. It highlights the customer’s responsibility for full compliance with German data protection requirements for the cloud. Based on this orientation guide, customers and providers will have to review existing agreements in the German market.
French Court of Appeals reject company’s whistleblower system despite CNIL approval
A French Court of Appeals in Caen recently confirmed a lower court’s order for the suspension of a whistleblowing system implemented by French company Benoist Girard, a subsidiary of American group Stryker. The decision comes as a surprise as it rejects the approval of the whistleblower system by French data protection authority (the “CNIL”).
EU Article 29 Working Party Report on ISP and Telecom Carrier Data Retention for Law Enforcement Purposes
Winston Maxwell, a partner in Hogan Lovells’ Paris Office prepared this entry. On July 13, 2010 the EU’s Article 29 Data Protection Working Party adopted a report (http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2010/wp172_en.pdf ) describing how ISPs and telecom carriers retain traffic data for law enforcement purposes in Europe. The European Data Retention Directive 2006/24/EC (http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32006L0024:EN:HTML) was supposed to harmonize national [...]
EU Article 29 Working Party Decrees Strict Opt-In Standards for Behavioral Advertising Data Collection
On June 22, the Article 29 Working Party published an opinion clarifying the EU legal framework for those involved in online behavioral advertising. While it put forth strict guidelines for behavioral advertising in the EU, the working partypraised certain privacy-enhancing practices incorporated into behavioral advertising today and specifically encouraged industry to develop technical means to comply with the framework and “to exchange views” with the working party regarding such means.
BNA Webinar: Legal Landmines in Europe for Internet-Based Businesses
Readers of the Hogan Lovells Chronicle of Data Protection may be interested in an upcoming webinar entitled “Legal Landmines in Europe for Internet-Based Businesses”
featuring Hogan Lovells attorneys from Europe and the United States, as well as Google’s European Privacy Counsel, Peter Fleischer. This event is being produced by Pike & Fischer, a Bureau of National Affairs (BNA) Company. Included in this blog entry is the Pike & Fischer/BNA announcement with link to registration information.
European DP authorities issue “Future of Privacy” roadmap
The Article 29 working party of European data protection authorities published a roadmap listing areas of future reform of privacy legislation in the EU. “Privacy by design,” increased accountability and a reduction in administrative filing obligations are among the WP29′s proposals.