Archives: EU

Subscribe to EU RSS Feed

Breakfast Briefing – Cybersecurity Readiness and Effective Breach Response

The EU General Data Protection Regulation (GDPR) increases organizations’ obligations to a new level and also adopts, for the first time, specific breach notification guidelines. Cybersecurity readiness and effective responses are no longer the exclusive domain of IT departments -these are now board-level concerns.  Regardless of industry sector, size or commercial focus, companies not only … Continue Reading

WP 29 Publishes Guidelines on Personal Data Breach Notification Under Regulation 2016/679 “WP250”

The G29 is continuing its work to clarify GDPR with a view to its implementation in May 2018. The subject of personal data breach notification is not entirely new, as the reporting obligation, which will soon apply to all, already exists for communication service providers. However, these guidelines reiterate or provide more detailed information about … Continue Reading

WP 29 publishes Guidelines on Automated Individual Decision-Making and Profiling “WP251”

The Article 29 Working Party, the group of EU data protection authorities charged with agreeing European-wide guidance on GDPR, has published Guidelines on the Automated Individual Decision-Making and Profiling “WP251”. While the introduction of the concept of “profiling” in the GDPR is relatively new, it is not the case for automated individual decision-making, which is … Continue Reading

Privacy Shield: First Annual Review Report Published

On 18 October 2017, the European Commission (“Commission”) published its first annual report on the functioning of the US-EU Privacy Shield (“the Report”), the successor to the Safe Harbor framework after its invalidation in Schrems. The Report will be widely welcomed by businesses on both sides of the Atlantic as the Commission continues to back … Continue Reading

GDPR Data Protection Impact Assessments Guidelines Released

The Article 29 Working Party has adopted Guidelines on Data Protection Impact Assessments (DPIAs), following its consultation on a draft version published in April 2017.  The final version provides additional guidance in a number of areas without materially changing the position. Further guidance is provided on the trigger for mandatory DPIAs – whether the processing … Continue Reading

Survey of the National GDPR Implementation Laws of Key Member States

While the GDPR compliance clock is ticking for companies, EU Member States have also been preparing for the implementation of the General Data Protection Regulation (“GDPR”) which will become enforceable on May 25, 2018. The GDPR will be directly applicable in all EU Member States without the need for implementing national laws. However, apart from … Continue Reading

Top Five GDPR Compliance Challenges

Over the past two years, we have been assisting clients from all sectors to prepare for the implementation of the General Data Protection Regulation (“GDPR”), which will become enforceable on May 25, 2018.  Whilst many companies are racing full throttle to be fully compliant by May 2018, others are just about to start the process or are … Continue Reading
LexBlog