Gdr 2019 3 magazine front cover 246x338
Gdr 2019 3 magazine front cover 314x414

Available in digital and print versions

2019.3 Magazine

    The best defence is a good offence. It’s not exactly clear who came up with that idiom, but it also applies to the world of data. Dealing with hackers is the topic we explore in GDR 2019.3’s lead feature, which examines how some breach victims haven’t just dealt with the immediate consequences of a state-backed attack – they’ve used the US courts system to take the fight to the perpetrators. It makes for fascinating and insightful reading; so does our other main feature this quarter, which looks at the mass of AI ethics guidelines that have emerged over the past few months and sees whether they could eventually lead to some hard law.

    Our latest community-based survey profiles a selection of the women who are leading the data law field, and will surely act as an inspiration to young professionals thinking of entering the field.

    A trio of interviews rounds out the content written by the GDR team for this issue. We spoke to Patricia Poku, the head of Ghana’s Data Protection Commission, and Sophie Kwasny of the Council of Europe’s data protection unit on the sidelines of the inaugural African Region Data Protection and Privacy International Conference in Accra – and interviewed Wojciech Wiewiórowski, the current assistant European Data Protection Supervisor.

    Finally, GDR has been closely tracking GDPR enforcement. Poland’s first enforcement decision under the new regime was far from straightforward. Lawyers at CMS in Warsaw analyse this decision, and the apparent friction it reveals between the EU’s data protection legislation and its regulations on the reuse of public data.

Peeling back the mask

Traditionally, hacking victims wanting to retaliate have had little choice but to rely on law enforcement. Now, a growing band of them are increasingly turning to the US court system – and the extensive discovery powers it endows – to take matters into their own hands. In late 2017 and early 2018,...

Spain’s data bar

Data lawyers won’t forget the European Court of Justice’s 2014 Google Spain ruling – and its confirmation of the right to be forgotten – anytime soon. Spain continues to make its mark in data protection: its regulator, the AEPD, which kickstarted the ECJ litigation by backing the individuals’ delisting...

Interview with Patricia Poku

On the sidelines of the inaugural African Regional Data Protection and Privacy Conference in Accra, Ghana’s data protection commissioner, Patricia Poku, discussed African privacy frameworks, her agency’s funding – and what motivated her to move to Ghana after spending decades in Europe. Tell me about...

Interview with Wojciech Wiewiórowski

At a conference in Berlin, GDR spoke to the second in command at the European Data Protection Supervisor about making enforcers talk to each other, his term as assistant supervisor coming to an end, and, naturally, the GDPR. Your tenure is coming to an end in December? Yes, 5 December is my last...

Breaking open the black box

Concerns over the ethics of AI have led to a flurry of white papers and policy recommendations from governments and businesses. But will they be a precursor for regulation? In a 2018 UK House of Lords report on artificial intelligence, one contributor let a little frustration slip into her submission....

Interview with Sophie Kwasny

The head of the Council of Europe’s data protection unit spoke to GDR at the inaugural African Regional Data Protection and Privacy Conference about her work on Convention 108+, supporting nascent data privacy frameworks and the role of Africa in global data policy. Tell us about your role within...

Mixed messages from Poland: the uneasy relationship between regulations on reuse and the GDPR

CMS partner Tomasz Koryzma and senior associate Damian Karwala analyse the friction between the GDPR and the EU’s directive on the reuse of public information, in the wake of the Polish data regulator’s landmark Bisnode GDPR case. The importance of public sector information that can be reused by businesses...