Region: European Union

EU politicians are divided on the effectiveness of the recent US executive order on the treatment of personal data by surveillance and security services, with some casting doubt on its suitability as a foundation for a new Privacy Shield.

19 October 2022

The first post-GDPR update to the EDPB’s data breach notification guidelines may implement a more complex reporting procedure for companies based outside the EU.

18 October 2022

Max Schrems, the individual behind the European Court of Justice ruling that led to the previous EU-US data transfer framework being invalidated, has shared some strategies that could be explored to challenge the latest iteration of the transatlantic Privacy Shield.

12 October 2022

The two Bavarian state watchdogs’ heads have said the US appears to have broadly “understood European concerns” on the transfer mechanism, suggesting that the new tool could appease concerns over US transfers –  if approved by the EDPB.

12 October 2022

European data protection authorities have sent the European Commission a raft of proposals to improve GDPR enforcement through increased harmonisation – including around decisions in cross-border cases, investigative powers and complainant rights.

12 October 2022

President Joe Biden has finally revealed the detail of the latest iteration of the EU-US Privacy Shield, easing trans-Atlantic data flows after more than two years of Schrems II uncertainty.

07 October 2022

A European Court of Justice advocate-general has said the GDPR applies to orders for the provision of evidence in civil proceedings, forcing courts to balance the interests of affected data subjects against those who seek evidence.

07 October 2022

A European Court of Justice advocate-general has said mere infringements of the GDPR that cause trivial harm such as “mere upset” cannot lead to compensation – threatening non-material damages claims across Europe.

06 October 2022

A member of the European Parliament has said principles of data minimisation, purpose limitation, and storage limitation are no longer relevant and that the GDPR should be amended to adapt to technological developments.

29 September 2022

New proposed EU rules for product liability around data and artificial intelligence could put a rocket under Europe’s data breach class action market.

29 September 2022