Tag archives: European Commission

One week into GDPR – what you need to know

Norton Rose Fulbright - Data Protection Report blog

Websites go dark, complaints are filed within an hour, European Commission suffers an embarrassing data leak, and the US Commerce Secretary warns about the unintended trade impact of the law – all in the first week of the GDPR

The European Union’s far-reaching General Data Protection Regulation (GDPR) went into effect on 25 May amid much anticipation.  Although the date itself was seen as a watershed moment, what comes after will reveal the full impact of the law.  Even for those businesses that have declared that their GDPR compliance efforts have completed, the work of maintaining and updating their privacy … Continue Reading

European Commission Publishes Proposal for the New e-Privacy Regulation

Data Protection Report - Norton Rose Fulbright

On 10 January 2017, the European Commission published the official proposal of the revised e-Privacy Regulation, which amends the current e-Privacy Directive. Many of the alarming changes that were included in the leaked December draft of the Regulation, which we covered, have been changed, resulting in a practical set of rules that align with the wider EU data protection framework. Below, we highlight key points in the official proposal.… Continue Reading

EU and US reach agreement on cross-border data transfer framework, but uncertainty remains

Data Protection Report - Norton Rose Fulbright

On February 2, 2016, the European Commission and the United States reached an agreement on a new framework to permit transatlantic transfers of personal data.  The new framework — named “EU-US Privacy Shield”  — is slated to replace the US-EU Safe Harbor framework that was invalidated by the Court of Justice for the European Union.… Continue Reading

EU regulation proposal seeks to encourage consistency in data protection enforcement

Data Protection Report - Norton Rose Fulbright

This is Part 4 of a five-part series on the “One Stop Shop” mechanism in the proposed new European data protection regulation. In Part 1 we examined why there is a need for a One Stop Shop, and what it is. In Part 2 we examined the concept of main establishment and the position of entities without an EU establishment. In Part 3 we considered the competency of supervisory authorities (SAs), the cooperation obligations in relation to SAs and the functions of the European Data Protection Board (EDPB). In this Part we consider the consistency mechanism applicable to SAs.

Consistency Continue Reading

LexBlog