Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Category Archives: European Union

Subscribe to European Union RSS Feed

My company isn’t a search engine. Why should I care about Google Spain?

Posted in Data Breach, Data Compliance & Security, EU Data Protection Regulation, European Court of Justice, European Union, Legislation, Privacy Litigation, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California  (LONDON) Google – along with the rest of us – is still considering the implications of the European Court of Justice’s May 13, 2014 decision that Google must remove links to a newspaper article containing properly published information about a Spanish individual on the basis… Continue Reading

The latest thinking from Europe (while we are waiting for the Regulation)

Posted in Data Compliance & Security, European Union, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California  (LONDON) Privacy practitioners from the US and Europe gathered in London on April 30 and May 1 to discuss current thinking about privacy policy, regulation and compliance at the IAPP’s European Data Protection Intensive conference. In the background to the current discussions, of course, we… Continue Reading

NYC Women in Intellectual Property Discuss Cybersecurity

Posted in Cybersecurity, Data Breach, Data Compliance & Security, European Union, Federal Trade Commission

Written by Andowah Newton Yesterday, Mintz Levin attended a panel breakfast sponsored by the New York City Bar’s Committee on Women in Intellectual Property.  The panel featured two practitioners, one from the public sector and one from the private sector.  The panel was moderated by Karen Greenberg, Director at Fordham Law’s Center.   Some takeaways that we… Continue Reading

New Draft Processor to Sub-processor Model Clauses (Art. 29 Working Party)

Posted in Cloud Computing, European Union, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California  (LONDON) The Art. 29 Working Party, a key advisory body to the EU Commission, recently proposed draft model clauses to cover the transfer of personal data from EEA data processors to non-EEA sub-processors. The draft model clauses have the potential to bring greater certainty to… Continue Reading

New Timeline for Adoption of Definitive EU Data Protection Regulation

Posted in European Union, Legislation, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The European Commission announced yesterday that it is working towards a revised timeline for the adoption of a definitive Data Protection Regulation by the end of 2014. While Commissioner Viviane Reding’s press release about finalizing the Regulation by the end of 2014 has been… Continue Reading

On the 9th Day of Privacy, the European Union Gave to Me . . .

Posted in Data Breach Notification, Data Compliance & Security, Employee Privacy, European Union, Legislation, Privacy Regulation

. . .  a delayed delivery notice for the biggest package of the holiday season! Written by Susan Foster, Solicitor, England & Wales/Admitted in California, CIPP-E (LONDON) Major changes are on the way in Europe that will have a significant impact on companies anywhere in the world that collect or process personal data of residents… Continue Reading

European Commission Proposes New Ground Rules for US Safe Harbor

Posted in Data Compliance & Security, European Union, Legislation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The European Commission, which has the authority to make changes to the US Safe Harbor program, has published a paper titled “Rebuilding Trust in EU-US Data Flows” that sets out the changes that the Commission would like to see the US adopt.  While it… Continue Reading

Key EU Parliament Committee Endorses Revised Draft of Data Protection Regulation

Posted in Data Compliance & Security, European Union, Legislation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) As widely expected, the European Parliament’s Committee on  Civil Liberties, Justice and Home Affairs (LIBE) voted today in favor of a revised, even tougher draft of the Data Protection Regulation that will (if finally adopted) replace the EU’s current laws regarding the collection and… Continue Reading

Privacy Monday – October 21, 2013

Posted in Data Breach Notification, Data Compliance & Security, European Union, Mobile Privacy, Privacy Monday

Privacy tidbits and bytes for this Monday – App Developers – Put this on your calendar! Now that the US government shutdown is over, the Federal Trade Commission (FTC) has announced its participation in a workshop with the Application Developers Alliance and the California Attorney General’s office on best practices for mobile app privacy.  The Mobile Privacy… Continue Reading

Should we worry about Safe Harbor being suspended because of the NSA’s PRISM Program?

Posted in Data Compliance & Security, European Union

(LONDON) Various data protection power players have called for the suspension or curtailment of the US Safe Harbor program ever since the Snowden revelations that the US NSA has required large internet service providers such as Google to provide vast amounts of personal data transmitted by individuals in Europe (and elsewhere). As many of you… Continue Reading

Discussing Binding Corporate Rules: An Interview with Sue Foster

Posted in European Union

(LONDON)   Word from Europe is that the final report out of a European Parliament inquiry established to investigate the PRISM National Security Agency surveillance/Edward Snowden revelations will recommend suspension of the EU-U.S. Safe Harbor Framework. Without Safe Harbor, a U.S. company is left to full compliance with the EU Data Protection Directive, including express consent… Continue Reading

Commerce GC: Notice-and Choice No Longer Sufficient

Posted in European Union, Privacy Regulation

Outgoing U.S. Commerce Department General Counsel Cameron Kerry used the opportunity of his final public remarks to emphasize that a unified U.S. privacy framework is essential to the future of the digital economy. Legislation should not wait for some data disaster to happen that undermines the trust essential to a successful digital economy. One byproduct of the unauthorized disclosures… Continue Reading

New Enforcement Guidance from the UK’s Information Commissioner’s Office

Posted in Data Compliance & Security, European Union, Mobile Privacy, Privacy Regulation

(LONDON) Who is on the ICO’s radar these days?  August seems to be the month for getting new guidance documents out the door at the United Kingdom’s Information Commissioner’s Office.  The UK ICO has just published guidance as to when it is likely to take regulatory action. The new guidance should be reassuring to companies… Continue Reading

New Tools from the UK’s Information Commissioner’s Office: How to Respond to Subject Access Requests

Posted in Data Compliance & Security, European Union, Legislation, Privacy Litigation, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The UK ICO has come through yet again with some clear guidance as to how to apply the UK’s data protection laws in connection with requests by individuals for access to their personal data.  While we are waiting with bated breath for a final… Continue Reading

Privacy Monday – July 29, 2013

Posted in 201 CMR 17.00, Cybersecurity, Data Breach, Data Breach Notification, European Union, Privacy Monday

Privacy goofs, gaffes and tidbits for the last Monday in July —   NSA Surveillance Causes More Grief –Germany Calls for a Stop to Safe Harbor:  Time for Binding Corporate Rules?  According to news sources the federal and state German data protection commissioners late last week sent a letter to German Chancellor Angela Merkel, requesting… Continue Reading

EU Data Protection Regulation: and the horizon recedes again . . .

Posted in European Union, Legislation, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) We recently wrote that a crucial committee vote on the new EU Data Protection Regulation had been pushed back until May 29-30.   The vote has been delayed again until an unspecified future date, although Jan Phillip Albrecht, the MEP who is one of the… Continue Reading

EU Data Protection Regulation: Looming closer . . .

Posted in European Union, Legislation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The draft of the new Data Protection Regulation, the first EU privacy law with highly serious teeth in the form of fines based on global turnover, continues to wend its way through various committees of the European Parliament (EP).  The European Parliament recently pushed… Continue Reading

EU versus Google: A test case for the viability of a global data protection policy?

Posted in European Union, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The EU has escalated its existing investigation of Google’s global privacy policy, a policy covering all of Google’s services that was introduced by Google last year.  Up until April 3, the French data protection authority, CNIL, had effectively been tasked with engaging with Google… Continue Reading

Latest EU Proposal Will Force More Companies to Disclose Data Breaches

Posted in European Union

Written by Susan Foster (LONDON)  The European Commission recently published a draft “Cybersecurity Directive” which aims to increase the level of preparedness across the EU to deal with threats to network and information security.  The Directive provides for information-sharing and cooperation between the governments of Member States of the EU to tackle cybersecurity threats. As… Continue Reading

The Sony data breach fine: A hand-slap from London now, but what would it have been under the proposed new EU Data Protection Regulation?

Posted in Data Breach, Data Breach Notification, European Union, Privacy Regulation

Written by Sue Foster, Mintz Levin – London The UK Information Commissioner’s Office (ICO) has fined Sony £250,000 for the widely publicized 2011 security breach during (see here, here, and here) which hackers gained access to personal data (including credit card information) of over 77 million users. For a company of Sony’s size, £250,000 is a hand-slap —… Continue Reading

The View from London: European Parliament Publishes Proposal for Revised Draft of EU Data Protection Regulation

Posted in European Union, Privacy Regulation

Written by Susan Foster The European Parliament recently published a report on the European Commission’s draft of a new EU Data Protection Regulation.  The report, which includes the European Parliament’s proposal for a revised draft of the Regulation runs to an astounding 215 pages.  The Parliament’s report is certain to fuel debate for months as… Continue Reading

From Brussels: The New EU Data Protection Regulation — Will they or won’t they? And if so, when?

Posted in Data Breach Notification, Data Compliance & Security, European Union, Privacy Regulation

Susan Foster, a Member in Mintz Levin’s London office, attended last week’s IAPP Conference in Brussels and filed this report –  Written by Susan Foster Sometimes the most interesting things that emerge from conferences are whispered across the aisle just after a presentation or debated by attendees off-site over a glass or two of wine…. Continue Reading

The new European Cloud Partnership and UK ICO Guidance on Personal Data and Cloud Computing

Posted in European Union

Written by Susan Foster, Solicitor England & Wales/Admitted in California   EC Cloud Partnership The European Commission recently announced a €10 million campaign aimed at establishing standards and voluntary certification programs to make cloud computing services better aligned with European data protection laws.  The EC intends to leverage the purchasing power of national and local… Continue Reading