Tag archives: EU

Germany’s Parliament Approves Local Data Protection Law to Operate Alongside GDPR

EU flags in front of European Commission building in BrusselsOn April 27, 2017, the German Federal Parliament voted to approve the new proposed German Federal Data Protection Act (“new FDPA”). The law would adapt the current German data protection law to the EU General Data Protection Regulation (GDPR). The federal chamber of the states, the German Federal Council, is expected to approved the new … Continue reading

EU Data Package Highlights Connections between Data Protection and the Digital Single Market

Data Protection Report - Norton Rose FulbrightOn January 10, 2017, the EU Commission published a package of documents on the EU’s data economy strategy, including e-privacy, data protection and the “European Data Economy.” The Commission documents,  published in the context of the Commission’s digital single market (“DSM”) initiative announced in May 2015, illustrate again the strong links between the EU’s digital … Continue reading

German DPAs: 500 Companies to be Audited on Data Exports

Data Protection Report - Norton Rose FulbrightTen German data protection authorities (DPAs), led by the Berlin DPA, announced today that they will send formal questionnaires to about 500 companies in Germany to assess the scope of the companies’ cross-border data transfers. In a press release, the DPAs pointed out that the export of personal data to non-EU countries has become a … Continue reading

NIS Directive Published: EU Member States Have Just Under Two Years to Implement

Data Protection Report - Norton Rose FulbrightThe Directive on Security of Network and Information Systems (known as the NIS Directive) was published in the Official Journal of the European Union on July 19, 2016. Member States will have until May 9, 2018 to implement this Directive into national laws and a further six months to identify “operators of essential services.” Summary … Continue reading

EU Network & Information Security Directive Expected to Become Effective in August 2016

Data Protection Report - Norton Rose FulbrightThe EU Network & Information Security Directive (NISD) (also known as the “Cyber Security Directive”) got one step closer to adoption today when, on May 17, 2016, the EU Council confirmed at first reading the agreement reached with the European Parliament in December 2015. To be enacted, the text must be approved by the European … Continue reading

EU GDPR will apply beginning May 25, 2018: Norton Rose Fulbright publishes GDPR Checklist, announces events and master classes

Data Protection Report - Norton Rose FulbrightOver four years in the making, the EU General Data Protection Regulation (GDPR) was finally published in the EU Official Journal on May 4, 2016, giving a concrete application date. It will apply directly in all EU Member States beginning May 25, 2018. The GDPR will repeal and replace Directive 95/46/EC and its Member State implementing … Continue reading

EU Data Protection Reform: EU Council of Ministers Publishes Updated Version of the GDPR, Formally Adopts Its Position at First Reading, Announces Crucial Second Reading to Take Place on 14 April

Data Protection Report - Norton Rose FulbrightOn 8 April 2016 (see here), the Council of the European Union announced that it has formally adopted its position at the first reading on the EU General Data Protection Regulation, a key step in the data protection reform process. The Council’s position will now be sent to the European Parliament who will vote on … Continue reading

EU Article 29 Working Party prepares for General Data Protection Regulation and responsibilities as European Data Protection Board

Data Protection Report - Norton Rose FulbrightOn February 11, 2016, the Article 29 Working Party (WP29) issued a statement setting out its 2016 action plan for implementation of the General Data Protection Regulation (GDPR) and its work programme for 2016-2018. WP29 will have 8 working groups leading the implementation of the 2016-2018 work programme. The statement highlights the following points: WP29 … Continue reading

Political agreement on EU Data protection reforms: the real count-down to compliance has started

Data Protection Report - Norton Rose FulbrightOn December 15, the Civil Liberties Committee (LIBE) of the European Parliament issued a press release announcing a provisional political agreement between the European Parliament and Council negotiators on the texts of both the General Data Protection Regulation and the Police & Judicial Cooperation Data Protection Directive.  Formal approval by the Council is expected shortly and … Continue reading

Council and European Parliament reach agreement on NIS Directive

Data Protection Report - Norton Rose FulbrightOn December 7, 2015, the Council of the European Union (the Council) reached an informal agreement with the European Parliament on a new EU directive on network and information security (NISD). The agreement marks the conclusion of two years of work, since the European Commission (the Commission) and the High Representative of the European Union … Continue reading

Day-after-Safe Harbor action plan: anticipating ECJ Schrems decision

Data Protection Report - Norton Rose FulbrightAs we have written extensively, the European Court of Justice’s (ECJ’s) ruling in the Schrems case on October 6, 2015 may effectively invalidate the US-EU Safe Harbor framework. While we believe that the Advocate General’s rationale for the proposal is weak, organizations that rely on the Safe Harbor are anxious about the consequences such a … Continue reading

Schrems Counterpoint: ECJ has good reasons to reject Safe Harbor invalidation

Data Protection Report - Norton Rose FulbrightThe European Court of Justice (ECJ) is expected to rule on Case C-362/14 (the “Schrems” case) on October 6, 2015.  In deciding whether to reject or adopt its Advocate General’s recommendation to invalidate the US-EU Safe Harbor, the ECJ finds itself between the proverbial rock and a hard place. Rejecting the Safe Harbor would lead to uncertainty in the ongoing … Continue reading

Europe and US slated to agree on revised US-EU/US-Swiss Safe Harbor framework

Data Protection Report - Norton Rose FulbrightIt is being reported that the European Union and the United States are nearing an agreement on the revised US-EU/US-Swiss Safe Harbor framework. Thousands of US companies that have certified compliance with the Safe Harbor should be encouraged that the framework – which has been the subject of sustained criticism by European data protection regulators … Continue reading

Dispute resolution mechanisms for SAs and individuals are key part of proposed EU regulation

Data Protection Report - Norton Rose FulbrightThis is Part 5 — the final part — of a five-part series on the “One Stop Shop” mechanism in the proposed new European data protection regulation. In Part 1 we examined why there is a need for a One Stop Shop, and what it is. In Part 2 we examined the concept of main establishment and the position of entities without … Continue reading

EU regulation proposal seeks to encourage consistency in data protection enforcement

Data Protection Report - Norton Rose FulbrightThis is Part 4 of a five-part series on the “One Stop Shop” mechanism in the proposed new European data protection regulation. In Part 1 we examined why there is a need for a One Stop Shop, and what it is. In Part 2 we examined the concept of main establishment and the position of entities without an EU establishment. In Part … Continue reading

EU focuses on authority of SAs to enforce “One Stop Shop,” proposes a replacement for WP29

Data Protection Report - Norton Rose FulbrightThis is Part 3 of a five-part series on the “One Stop Shop” mechanism in the proposed new European data protection regulation. In Part 1 we examined why there is a need for a One Stop Shop, and what it is. In Part 2 we examined the concept of main establishment and the position of entities without … Continue reading

EU’s “One Stop Shop” Proposal Focuses on “Main Establishment” as Nexus of DPA Enforcement Authority

Data Protection Report - Norton Rose FulbrightThis is Part 2 of a five-part series on the “One Stop Shop” mechanism in the proposed new European data protection regulation. In Part 1 we examined why there is a need for a One Stop Shop, and what it is. In this Part we examine the concept of main establishment and the position of entities without … Continue reading

EU Proposes “One Stop Shop” for Data Protection Supervision and Enforcement

Data Protection Report - Norton Rose FulbrightThis is Part 1 of a five-part series on the “One Stop Shop” mechanism in the proposed new European data protection regulation. The Council of the European Union (the Council) has recently published a partial general agreement on its version of the so-called ‘One Stop Shop’ mechanism. The Council’s internal deliberations are expressly caveated to the … Continue reading
LexBlog