After years of consulting, drafting and negotiating at various levels, on 15 December 2015 the final compromise text of the EU General Data Protection Regulation (“GDPR”) was agreed. What a milestone! Once the European Parliament and Council both adopt the agreed text, the GDPR will officially come into force.
In light of the recent technological developments in the field of communication based on the exchange of information through modern communication networks, the Kuwaiti national assembly recently issued Law No. 20 of 2014 (Regarding Electronic Transactions).
What are the rules protecting data in Asia Pacific? What can you do to recover information if you have been hacked? The Cybersecurity Counter-offensive Asia Pacific Guide has been launched in response to a wave of new cybersecurity legislation throughout the Asia Pacific region to regulate and monitor cybersecurity.
The Weltimmo judgment by the Court of Justice of the European Union on 1 October 2015 has potentially far-reaching implications in practice as it addresses a question frequently faced by multinationals operating across multiple EU jurisdictions, namely which one of the various national data protection laws they must comply with.
On November 6, 2015, the German Bundesrat approved a bill on the introduction of a national Data Retention Act (DRA). Following the Bundesrat’s approval, the bill is now sent to the Federal President who will most likely sign it. Therefore, the DRA will likely enter into force before the end of November.
In a recent decision, the Court of Justice of the European Union (ECJ) determines how the term “establishment” used in the EU Data Protection Directive 95/46/EC must be interpreted and thereby on the applicability of national data protection law in cases with a cross-border context as well as on the power of national data protection authorities in this regard. This has practical implications.
On October 23, 2015, the Portuguese Data Protection Authority issued a statement on transfers of personal data to the US which invalidated the European Commission decision 2000/520 / EC (Safe Harbor Decision),
The White House issued a “Fact Sheet” summarizing the outcome of the meetings between President Xi and President Obama with respect to areas in which the United States and Chinese governments agreed “to work together to constructively manage our differences” and decided “to expand and deepen cooperation.”
The Court of Justice of the European Union, following the opinion of the Advocate General, invalidated European Commission Decision 2000/520 dated July 27, 2000, which allowed transfers of personal data to US companies that self-certified under the US/EU Safe Harbor Program.
The Bavarian Data Protection Authority (DPA) in Germany has fined two implicated companies – both seller and purchaser – for unlawfully transferring customer data as part of an asset deal.