Available in digital and print versions

2019.3 Magazine

 

The best defence is a good offence. It’s not exactly clear who came up with that idiom, but it also applies to the world of data. Dealing with hackers is the topic we explore in GDR 2019.3’s lead feature, which examines how some breach victims haven’t just dealt with the immediate consequences of a state-backed attack – they’ve used the US courts system to take the fight to the perpetrators. It makes for fascinating and insightful reading; so does our other main feature this quarter, which looks at the mass of AI ethics guidelines that have emerged over the past few months and sees whether they could eventually lead to some hard law.

Our latest community-based survey profiles a selection of the women who are leading the data law field, and will surely act as an inspiration to young professionals thinking of entering the field.

A trio of interviews rounds out the content written by the GDR team for this issue. We spoke to Patricia Poku, the head of Ghana’s Data Protection Commission, and Sophie Kwasny of the Council of Europe’s data protection unit on the sidelines of the inaugural African Region Data Protection and Privacy International Conference in Accra – and interviewed Wojciech Wiewiórowski, the current assistant European Data Protection Supervisor.

Finally, GDR has been closely tracking GDPR enforcement. Poland’s first enforcement decision under the new regime was far from straightforward. Lawyers at CMS in Warsaw analyse this decision, and the apparent friction it reveals between the EU’s data protection legislation and its regulations on the reuse of public data.

Download PDF

Peeling back the mask

Traditionally, hacking victims wanting to retaliate have had little choice but to rely on law enforcement. Now, a growing band of them are increasingly turning to the US court system – and the extensive discovery powers it endows – to take matters into their own hands.

Spain’s data bar

Data lawyers won’t forget the European Court of Justice’s 2014 <em>Google Spain</em> ruling – and its confirmation of the right to be forgotten – anytime soon. Spain continues to make its mark in data protection: its regulator, the AEPD, which kickstarted the ECJ litigation by backing the individuals’ delisting request, is a force to be reckoned with, and the country’s GDPR implementing legislation creates rights found nowhere else in Europe.

Interview with Patricia Poku

On the sidelines of the inaugural African Regional Data Protection and Privacy Conference in Accra, Ghana’s data protection commissioner, Patricia Poku, discussed African privacy frameworks, her agency’s funding – and what motivated her to move to Ghana after spending decades in Europe.

Interview with Wojciech Wiewiórowski

At a conference in Berlin, GDR spoke to the second in command at the European Data Protection Supervisor about making enforcers talk to each other, his term as assistant supervisor coming to an end, and, naturally, the GDPR.

Breaking open the black box

Concerns over the ethics of AI have led to a flurry of white papers and policy recommendations from governments and businesses. But will they be a precursor for regulation? 

Interview with Sophie Kwasny

The head of the Council of Europe’s data protection unit spoke to GDR at the inaugural African Regional Data Protection and Privacy Conference about her work on Convention 108+, supporting nascent data privacy frameworks and the role of Africa in global data policy.

Mixed messages from Poland: the uneasy relationship between regulations on reuse and the GDPR

CMS partner Tomasz Koryzma and senior associate Damian Karwala analyse the friction between the GDPR and the EU’s directive on the reuse of public information, in the wake of the Polish data regulator’s landmark Bisnode GDPR case.