What was promised by the GDPR (Art. 80 and Rec. 142) is now a reality! Following Schrems’ filing of 422 complaints to ten EU Data Protection Authorities yesterday for cookie-related violations, it is now clear that the data protection compliance posture of companies will be checked not only by Supervisory Authorities but also – de facto and actively – by privacy organisations and associations patrolling the internet to proactively find ...
Today marks the first anniversary of the CJEU’s “Schrems II” ruling which invalidated the European Commission’s Privacy Shield adequacy decision concerning the transfer of data to the US. Despite an urgent need to reach a deal on transatlantic data flows for economic and geopolitical reasons, few if any concrete results have been seen to date. As stressed earlier this year by European Commissioner Didier Reynders and Věra Jourová, Vice President of ...
After many debates, lots of speculation, and negotiations, the Adequacy decisions for the United Kingdom have been approved and Personal Data can continue to flow freely from the EEA to the UK after 30 June 2021. In my opinion, it is both right and reasonable that the decisions have been adopted, given that the ...
Earlier this week I had the pleasure of speaking at the IAPP Little Big Stage Online event on Corporate Social Responsibility and Data Protection with Jacqueline Klosek and Danielle Reyes – thank you for the active discussion! More and more, sustainability is at the forefront of corporate strategies. Environmental, Social, and Corporate Governance (ESG) is proving itself to be a driving force ...
On 22 June 2021, the Italian Data Protection Authority (DPA) announced that a month earlier, it had issued a major decision for the data sharing economy concerning the interpretation of third-party marketing consent. A company active in the energy sector (Company A) was fined EUR 3 million for unlawful data processing activities which involved the use ...
Today, 4 June 2021, the European Commission adopted two sets of much-awaited standard contractual clauses (SCCs). The modernized SCCs mark an important step towards potentially increasing legal certainty in the complex and global data-driven economy. The new SCCs consider the Schrems II decision and the subsequent opinions of the Supervisory Authorities. A transition period of ...
In recent weeks I have noticed a growing number of influential figures in the data protection world speaking out against a perceived lack of enforcement of the GDPR, the most influential data protection law known to date. Those in favor of revisiting the seminal law argue, for example, that the One-Stop-Shop mechanism is misguided or ...
You might be aware that early last month US Congresswoman Suzan DelBene, Representing Washington's 1st District, introduced the Information Transparency and Personal Data Control Act – in her words “legislation that would create a national data privacy standard to protect our most personal information and bring our laws into the 21st Century.” Important aspects of the Information Transparency and Personal Data ...
I am usually requested to express my opinion on cloud services and their legal aspects; but today I want to share some thoughts on “talent on the cloud” and the Work from Anywhere (WFA) phenomenon. I will consciously refrain from letting my legal thoughts (e.g., in terms of privacy and cybersecurity) kick in (mindful of the fact that it’s ...
In light of the 18th edition of Safer Internet Day, which “calls upon all stakeholders to join together to make the internet a safer and better place for all, and especially for children and young people”, I have decided to dedicate a blog post to the Italian TikTok case. The case of TikTok The Italian DPA (Garante per la protezione ...
Top-tier European ICT, Privacy & Cybersecurity lawyer. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity (ECPC) within the Maastricht University Faculty of Law. Founding Partner of ICT Legal Consulting. Lead Auditor BS ISO/IEC 27001:2013.
Read more
CONNECT