South Korean Communications Commission Releases Guidelines on Data Protection...
In December 2014, the Korea Communications Commission (KCC) released the“Big Data Guidelines for Data Protection” (Guidelines). Aimed at Information and Communications Service Providers (ICSPs), they...
View ArticleSafe Harbor ruled invalid by the Court of Justice of the European Union
Just two weeks after Advocate General Bot delivered his controversial recommendation that the Court of Justice of the European Union (CJEU) should find the Safe Harbor Decision (2000/520/EC of 26 July...
View ArticleNew challenges created by China’s new draft cybersecurity law
In July 2015, China released its new draft cybersecurity law (the ‘Law’), which will potentially have far-reaching consequences for network operators and companies doing business in China....By: Philip...
View ArticleRe-use of Public Sector Information Regulations 2015 finally in force
On 18 July 2015, the Re-use of Public Sector Information Regulations 2015 (SI 2015/1415) (‘the New Regulations’) came into force, replacing the 2005 Regulations of the same name (SI 2005/1515)....By:...
View ArticleThe Safe Harbor Ruling – FAQs and What Your Business Should Do Now
Overview questions - 1. I’m Safe Harbor certified and have seen news articles reporting that “Safe Harbor is invalid”. What does that mean? On 6 October, the European Court of Justice delivered a...
View ArticleThe Article 29 Working Party releases statement on Safe Harbor
Background On 16 October, the Article 29 Working Party released a statement (“Statement”) on the implications of the Court of Justice of the European Union’s (“CJEU”) judgment in Maximillian Schrems v...
View ArticleU.S. Congress passes the Judicial Redress Act, but does it provide effective...
In an uncharacteristically swift move, the United States Congress passed the Judicial Redress Act (“Act”) on 20 October 2015. The Act proposes to extend safeguards implemented under the Privacy Act...
View ArticleRound-up of Safe Harbor guidance issued by EU Data Protection Authorities
October has been a busy month for Data Protection Authorities in the EU. Following the Court of Justice of the European Union’s judgment in Maximillian Schrems v Data Protection Commissioner (C-362-14)...
View ArticleSafe Harbor update: European Commission issues communication following Safe...
On 6 November, the European Commission released a Communication on the implications of the Court of Justice of the European Union’s (CJEU) decision in Maximillian Schrems v Data Protection Commissioner...
View ArticleSpain issues deadline for implementing alternative Safe-Harbor mechanisms
Spain’s Data Protection Authority, the Agencia Española de Proteccion de Datós (‘AEPD’), has issued a deadline of 29 January 2016, for the implementation of alternative mechanisms to Safe Harbor....By:...
View ArticleThe French CNIL officially requires the use of EU Model Clauses as a quick...
On 19 November, the Commission nationale de l’informatique et des libertés (CNIL) published an article entitled ‘Safe Harbor: What should businesses do?’ and associated FAQs aimed at businesses...
View ArticleFull steam ahead for the EU’s new Trade Mark Directive
On 15 January 2016, Europe’s new Trade Mark Directive (2015/2436) will come into force, with the aim of harmonising trade mark laws across the EU. The news follows the publication of the new Directive...
View ArticleProgress made on the Trade Secrets Directive
On 15 December 2015, Members of the European Parliament (MEPs) came to a preliminary agreement over new rules against the theft or misuse of trade secrets. The rules, which are set out in the draft...
View ArticleIf Safe Harbor is dead in the water, what does that mean for you?
The invalidation of the EU-U.S. Safe Harbor framework in October 2015 has created uncertainty for businesses that were reliant on the regime to transfer data to the United States, and has caused...
View ArticleHappy Data Protection Day! ICO and Senate Committee’s spotlight on data...
In preparation for European Data Protection Day on 28 January, the ICO commissioned a survey on attitudes towards data protection. The YouGov poll revealed growing public concern over data privacy and...
View ArticleSafe Harbor re-launched as the "EU-U.S. Privacy Shield"– but doubts are...
Following speculation that protracted negotiations had been in vain, an agreement on Safe Harbor has apparently been reached. Dubbed the “EU-U.S. Privacy Shield”, the regime will, subject to approval...
View ArticlePassage of the U.S. Redress Act Raises Confidence in Privacy Protection for...
The U.S. Judicial Redress Act has been signed into law by President Obama. The move marks an important step in data transfer relations between the EU and the United States, gives the green light to the...
View ArticleNow That Details of the EU-U.S. Privacy Shield Have Been Revealed, Should...
In the latest step toward finalising a replacement for the defunct Safe Harbor program, the European Commission has published its draft adequacy decision, formally supporting its view that the proposed...
View ArticlePrivacy Shield Details Have Been Revealed: Here’s What Companies Need to Know
The European Commission has published its draft adequacy decision on the EU-U.S. Privacy Shield, the proposed data transfer framework that would replace the defunct Safe Harbor program. The draft...
View ArticleWiFi Privacy: Network Analytics Guidance Issued by ICO
The Information Commissioner’s Office (ICO) has issued guidance to help wireless (WiFi) operators understand their duties under the Data Protection Act 1998 (DPA) when collecting and using location and...
View ArticleEU General Data Protection Regulation in force from 25 May 2018: the...
The long-awaited General Data Protection Regulation was published in the Official Journal of the European Union on 4 May 2016. This means that the most comprehensive reform to the EU’s omnibus data...
View ArticleEU Trade Mark Regulation (EU) 2015/2424 in force
On 23 March 2016, European Union Trade Mark Regulation (EU) 2015/2424 came into force. The new Regulation amends Community Trade Mark Regulation 207/2009/EC, and makes a number of procedural and...
View ArticleCyber Security Takes Centre Stage in UK Government’s Strategy
The UK Department for Culture, Media and Sport recently released a statement on cyber security, in which it urged businesses to take better care to protect against cyber criminals. This statement...
View ArticleInternational Data Transfers Face Further Setbacks: MEPs and the EDPS Reject...
The options available to EU organisations for lawfully transferring personal data from Europe to the United States appear to be dwindling. In particular, there have been further setbacks to the...
View ArticleGerman Data Protection Authority fines companies for transferring data to the...
Following the CJEU’s judgment of October 2015 invalidating the European Commission’s Safe Harbor Decision, the Data Protection Authority Hamburg (“DPA Hamburg“) started investigations against 35...
View ArticleData Protection in a Post-Brexit Landscape
The United Kingdom’s vote to leave the European Union coincides with a seismic change in data protection law. Once Article 50 of the Lisbon Treaty is invoked, there will be a period of two years to...
View ArticleWhat Brexit Means for Data Protection
For global pharmaceutical and medical device companies handling personal data in the European Union (EU) or engaged in transatlantic data transfers, some of the many questions created by the Brexit...
View ArticleTrade Secrets Directive Adopted by the European Council
Almost three years after its initial proposal, the Trade Secrets Directive has been formally adopted by the European Council and published in the Official Journal on 15 June (2016/943/EU). Member...
View ArticleEU-U.S. Data Privacy Shield adopted – a phoenix rising from the ashes of Safe...
The EU-U.S. Privacy Shield has been adopted by the European Commission. On 12 July 2016, following a positive vote from the member states (the Article 31 Committee) on 8 July, the EU College of...
View ArticlePractical Cybersecurity Guidance from TheCityUK and Marsh
TheCityUK and Marsh have jointly published a report urging UK financial and related professional services sectors to step up their efforts to address cyber risk. The report (headed “Cyber and the...
View ArticleThe Effect of Brexit on Cyber Security: A National Response to an...
As the risk of cyber attacks respects no borders, a cohesive and harmonised EU-level approach to cyber security is appropriate. It is therefore understandable that UK organisations have questions...
View ArticleImplementing the GDPR: What You Need to Know
Data protection procedures will require an overhaul for any company that offers goods and services, or tracks individuals, in the EU under the European General Data Protection Regulation (GDPR) to take...
View Article“Do As I Say, Not As I Do”: A Business Specialising in Blocking Unsolicited...
It is difficult to miss the irony of the ICO’s first-awarded fine for nuisance calls since taking over the Telephone Preference Service (TPS), as reported in our earlier blog in December. IT Protect...
View ArticleCyber Issues in Shipping
We have had reports of an email scam being circulated amongst owners and charterers and, in particular, being sent to ships. These emails are being sent by scammers posing as law firms in order to...
View ArticleICO Publishes International Strategy
The Information Commissioner’s Office (“ICO”) has released its International Strategy 2017-2021 (“Strategy”). The Strategy supports its Information Rights Strategic Plan, which we reported on earlier...
View ArticleHouse of Lords Publishes Report on Brexit and the EU Data Protection Package
The House of Lords EU Home Affairs Sub-Committee (“the Committee”) has published a report on the EU Data Protection Package and the impact of Brexit (“the Report”). The Report considers the...
View ArticleUK Government Posts New NIS Directive Consultation Addressing Cybersecurity...
The security and reliability of the UK’s IT infrastructure remains a key priority for the government. In August 2017, the Department for Digital, Culture, Media and Sport launched a public consultation...
View ArticleData Protection Changes: What Will Pension Scheme Trustees Need to Do to Comply?
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018. Prior to that date, we are in a transitional period during which organisations need to prepare for compliance. There will...
View ArticleUK Government Publishes Draft of the Data Protection Bill
On 14 September 2017, the Government published the long-awaited draft of the Data Protection Bill (the Bill). The Bill was first announced in the Queen’s Speech on 21 June 2017 (see our previous blog)...
View ArticleBe Prepared: Advice for the Shipping Industry on the Cyber Threat
“Take the time to prepare and focus on prevention” was the message from the panellists in our webinar on cyber attacks in the shipping industry last week. Mark Johnson, Counsel in our shipping group,...
View ArticleArticle 29 Working Party Publishes Guidelines on Automated Individual...
On 17 October 2017, the Article 29 Working Party (“Art 29 WP”) published draft guidelines on automated individual decision-making and profiling (“Guidelines”). In the Guidelines, the Art 29 WP states...
View ArticleEU Data Protection Regulation – Are You Ready for the GDPR?
The General Data Protection Regulation (the Regulation or GDPR) comes into effect on 25 May 2018. The Regulation is arguably the most seismic change in European Union (EU) data protection law in over...
View ArticleGDPR: Three Months to Go
On February 22, 2018, Reed Smith’s IP, Tech & Data Group hosted a webinar discussing key priorities and strategies for compliance during the final three months remaining before the General Data...
View Article
