Introduction
By way of an interim measure adopted on 30 March 2023, the Italian Data Protection Authority (Garante per la protezione dei dati personali) (the Garante) ordered the US company Open AI LLC to temporarily stop ChatGPT’s
Europe
Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend
Cyberattacks have become more frequent, problematic and complex over the years – so much so that they now represent a real threat to economic activities. The French Information and Digital Security Experts Club (CESIN) has estimated that 54%…
Parliament fails to approve the EU Withdrawal Agreement: Data protection implications
On 25 November 2018 the UK Government and the EU agreed a draft withdrawal agreement which set out the terms of the UK’s departure from the EU and made a political declaration on the framework for their future relationship, as…
European Commission Publishes Proposal for the New e-Privacy Regulation
On 10 January 2017, the European Commission published the official proposal of the revised e-Privacy Regulation, which amends the current e-Privacy Directive. Many of the alarming changes that were included in the leaked December draft of the Regulation, which we covered, have been changed, resulting in a practical set of rules that align with the wider EU data protection framework. Below, we highlight key points in the official proposal.
Europe and US slated to agree on revised US-EU/US-Swiss Safe Harbor framework
It is being reported that the European Union and the United States are nearing an agreement on the revised US-EU/US-Swiss Safe Harbor framework. Thousands of US companies that have certified compliance with the Safe Harbor should be encouraged that the framework – which has been the subject of sustained criticism by European data protection regulators – will live another day. At the same time, certified organizations should prepare for enhanced requirements and a more robust enforcement climate that might come with the revised framework.
Google challenges applicability of CNIL’s “right to be forgotten” order to domain extensions outside the EU
In a recent blog post, reflecting on Google’s ongoing dispute with France’s CNIL about the scope of the “right to be forgotten,” Peter Fleisher, Google’s Global Privacy Counsel, announced that Google will maintain its position that that company would not comply with the CNIL’s formal notice dated May 21, 2015 to implement individuals’ requests to exercise their “right to be forgotten” on the company’s sites worldwide.