fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " EU "

Consumer contract law in the age of data

As part of its 2015 Digital Single Market Strategy, the European Commission proposed modernising the rules applicable to sales of goods and introducing similar rules for the supply of digital content (such as digital films, music, e-books, applications) and digital services (such as social media platforms, on-line games, pay-per-view access to films, cloud computing, etc.).

After more than 3 years of negotiations, the EU adopted a package comprising a directive on contracts for the supply of digital content and services and a directive on contracts for the sale of goods, both applicable in B2C relations.

Full article: The EU makes B2C contract law enter the age of data

Privacy Shield and Standard Contractual Clauses will be assessed by European Courts

On the first and second of the July, the General Court of the European Union (which is part of the Court of Justice of the European Union (CJEU)) will hear a case against the EU-U.S. Privacy Shield brought by three French NGOs, La Quadrature du Net, French Data Network and Fédération FDN.

A week later, on 9 July, the CJEU will hear arguments in Schrems II, in which the Irish High Court has referred 11 questions relating to whether the European Commission’s Standard Contractual Clauses (SCCs) provide an adequate level of protection for personal data which is transferred to the US.

Judgments in these cases are expected towards the end of 2019 or beginning of 2020. there is high probability that either or both the Privacy Shield and SCCs will be invalidated as a mechanism for transferring personal data outside the EU, in a similar manner to the invalidation of Safe Harbor in 2015.

Source: Transfers on Trial: Privacy Shield and Standard Contractual Clauses go before the European Courts

EU Council adopts conclusions on data retention to fight crime

The Council adopted conclusions on the way forward with regard to the retention of electronic communication data for the purpose of fighting crime.

It noted that data retention is an essential tool for investigating serious crime efficiently, but one whose use should be guided by the need to protect fundamental rights and freedoms.

The Council tasked the Commission to gather further information and organise targeted consultations as part of a comprehensive study on possible solutions for retaining data, including the consideration of a future legislative initiative.

Source: Data retention to fight crime: Council adopts conclusions – Consilium

FRA publishes paper on Quality vital for data-driven artificial intelligence

Algorithms, used in machine learning and artificial intelligence, are responsible for analysing the data and making these decisions.

Therefore, a new European Union Agency for Fundamental Rights (FRA) focus paper questions the quality of data behind automated decision-making and underlines the need to pay more attention to improving data quality in artificial intelligence.

Source: Quality vital for data-driven artificial intelligence | European Union Agency for Fundamental Rights

Privacy Shield complaint to be heard by Europe’s top court in July

A legal challenge to the EU-US Privacy Shield, a mechanism used by thousands of companies to authorize data transfers from the European Union to the US, will be heard by Europe’s top court this summer.

The General Court of the EU has set a date of July 1 and 2 to hear the complaint brought by French digital rights group, La Quadrature du Net, against the European Commission’s renegotiated data transfer agreement which argues the arrangement is still incompatible with EU law on account of US government mass surveillance practices.

Source: EU-US Privacy Shield complaint to be heard by Europe’s top court in July

Cybersecurity certification gets an EU revamp

A new EU Regulation on cybersecurity promises a more coordinated approach across Europe. The new law will set up a framework for the establishment of European cybersecurity certification schemes.

The intention is to prevent “certification shopping” based on different levels of stringency among member states. Certification will be voluntary initially, but regular assessments will be carried out to determine whether certification of particular products or services should become compulsory.

Source: Cybersecurity certification gets an EU revamp

Europe seeks to lead a new world order on data

Brussels is pulling its weight as the world’s top trade bloc to export its privacy rules.

Ahead of a G20 ministerial meeting this weekend in Japan, EU officials are pushing to cement the region’s dominance over new standards about how companies send data between trading blocs. Europe’s goal is to establish the right to privacy — enshrined as a fundamental right in the region — in the way that data is exchanged between global businesses ranging from banks and insurers to hotels and online retailers.

Source: Europe seeks to lead a new world order on data – POLITICO

One Year Into GDPR, Most Apps Still Harvest Data Without Permission

Unauthorized data harvesting from mobile apps has continued nearly unabated in the year since Europe’s General Data Protection Regulation came into force last May.

In a recent test conducted for AdExchanger, mobile analytics company Kochava examined the behavior of the top 2,700 apps in the Google Play store in the United States compared with France, where GDPR applies.

Source: One Year Into GDPR, Most Apps Still Harvest Data Without Permission | AdExchanger

CIPL Issues White Paper on GDPR One Year In

On May 31, 2019, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP issued a white paper on “GDPR One Year In: Practitioners Take Stock of the Benefits and Challenges.”

The White Paper outlines the benefits that organizations have experienced over the past year as a result of their GDPR compliance efforts. It also describes the challenges and unfulfilled promises of the GDPR, identifying where organizations feel the GDPR has not lived up to its objectives and has presented practical difficulties that need to be addressed.

Read whitepaper: GDPR One Year In: Practitioners Take Stock of the Benefits and Challenges

>