The Commission’s review finds the Privacy Shield to have several novel elements that address the requirements laid down by the European Court of Justice in the Schrems case. Namely, the Commission reports that “[The Privacy Shield] provides for more regular and rigorous monitoring by the Department of Commerce and significantly strengthens the possibilities for EU individuals to obtain redress.”
Members of the European Parliament’s civil liberties committee handed privacy and data protection advocates a big win Thursday when they put Rapporteur Marju Lauristin’s proposals on the ePrivacy Regulation to the vote. The MEPs approved Lauristin’s report 31 to 25 and granted a mandate for further negotiations. It’s a hugely significant piece of legislation that will impact data protection landscape for decades to come.
The complexity of the EU General Data Protection Regulation is often alleviated by the guidance of regulatory authorities who contribute their practical interpretation of the black letter of the law and provide welcome certainty. However, the latest draft guidelines issued by the Article 29 Working Party on automated decision-making has thrown up a particular curve ball which bears further investigation. It relates to whether Article 22(1) of the GDPR should be read as a right available to data subjects or as a straightforward prohibition for controllers.
The European Commission announced this week a package of counter-terrorism measures as part of its European Agenda on Security initiative. These include, among other things, “measures to support law enforcement and judicial authorities when they encounter the use of encryption in criminal investigations”.
The European Commission insisted that it does not want to weaken encryption as part of its latest push to give law enforcement authorities more access to private data.
Laws that place restrictions on the ‘profiling’ of individuals do not just apply to data processing completed entirely automatically, EU data protection authorities have said.
With eight months until the introduction of the General Data Protection Regulations (GDPR), the countdown is well and truly on but businesses are not ready, writes Mike Cherry.
Given the extraordinary boom of the digital economy, Europeans’ data protection should be a priority, according to Director General for Justice and Consumers Tiina Astola.
Businesses will be considered ‘aware’ of data breaches under GDPR when their data processors notice the breach
Businesses that outsource the processing of personal data to other companies will be said to be aware of data breaches experienced by those processors as soon as the processors themselves recognise the breach, according to proposed new guidance.
On October 19, 2017, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs narrowly voted to approve an amended version of the e-Privacy Regulation. The committee vote is an important step in the process within the European Parliament.