Tag Archives: GDPR

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 4 of 5

Written by
Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR).  On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it with an entirely new BDSG, aptly referred to as the “BDSG-New.” Germany becomes the first EU Member State to pass a GDPR implementation statute. Given Germany’s reputation as one of, if not the, most serious privacy jurisdiction [...] Read more

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 3 of 5

Written by
Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR).  On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it with an entirely new BDSG, aptly referred to as the “BDSG-New.” Germany becomes the first EU Member State to pass a GDPR implementation statute. Given Germany’s reputation as one of, if not the, most serious privacy jurisdiction [...] Read more

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 2 of 5

Written by
Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR).  On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it with an entirely new BDSG, aptly referred to as the “BDSG-New.” Germany becomes the first EU Member State to pass a GDPR implementation statute. Given Germany’s reputation as one of, if not the, most serious privacy jurisdiction [...] Read more

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 1 of 5

Written by
Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR).  On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it with an entirely new BDSG, aptly referred to as the “BDSG-New.” Germany becomes the first EU Member State to pass a GDPR implementation statute. Given Germany’s reputation as one of, if not the, most serious privacy jurisdiction [...] Read more

UK will soon introduce a new Data Protection Bill

Written by
The UK Department for Culture, Media & Sport is planning to present a new Data Protection Bill to the Parliament in early September. This new Bill will replace the current UK Data Protection Act 1998 and will effectively incorporate the EU General Data Protection Regulation (“GDPR”) in the UK legal system. The new Data Protection Bill is one of the main goals of the recently elected government, as also expressed in the Queen’s Speech in June. Its primary aim is to ensure that the UK upholds the same data protection principles as the rest of the EU once it leaves the Union, which will [...] Read more

Data Processing at Work: New Challenges towards Compliance

Written by
The Article 29 Working Party (“WP29”) recently issued an opinion that discusses the processing of employee personal information (Opinion 02/2017). WP29 focuses on the use of new technologies by employers and assesses requirements in light of the upcoming General Data Protection Regulation (“GDPR”). Consent and legal bases to process personal information The WP29 has historically asserted that employees’ consent should not be a legal basis for processing employees’ personal information. The power imbalance between employer and employee leads to an uneven situation where consent [...] Read more

Fourth Circuit Court of Appeals Allows Wikimedia Upstream Suit to Proceed

Written by
On May 23, 2017, the Fourth Circuit Court of Appeals issued its opinion on Wikimedia foundation v. NSA/CSS. The Court vacated and remanded the NSA’s previously successful motion to dismiss Wikimedia’s Fourth and First Amendment claims against the NSA’s Upstream surveillance program, while a 2-1 majority upheld the dismissal of the eight other organizations joined as co-plaintiffs. The Court held that Wikimedia’s complaint contained sufficient factual allegations to determine Article III standing and that the District Court misapplied Clapper v. Amnesty International USA’s analysis of [...] Read more

Swire Discusses European Data Economy at European Political Strategy Centre Policy Hearing

Written by
Peter Swire, Alston & Bird Senior Counsel and Nancy J. and Lawrence P. Huang Professor of Law and Ethics at the Georgia Institute of Technology’s Scheller College of Business, recently participated in a policy hearing held by the European Political Strategy Centre, the in-house think tank of the European Commission. Swire joined five other experts in answering a series of questions posed by the Centre’s moderators on how Europe can build its data economy to compete globally, protect fundamental privacy rights, and guard against anti-competitive behavior. In his remarks, Swire pointed [...] Read more

French CNIL Releases GDPR Compliance Toolkit

Written by
On March 15, 2017, the French data protection authority (CNIL) released its six step- GDPR compliance program together with GDPR-tailored templates for use by companies, the “GDPR Toolkit.” The GDPR Toolkit is helpful for companies because it provides guidance that companies may directly include in their privacy programs. Companies with sophisticated privacy programs may also use the GDPR Toolkit as a reality check against CNIL and, more generally, European data protection authorities’ standards and expectations for GDPR compliance. Click here to access the Toolkit. [...] Read more

Working Party welcomes the draft ePrivacy Regulation, yet expresses grave concerns

Written by
The Working Party recently issued its first Opinion for 2017, focusing on the EU Commission’s proposed ePrivacy Regulation (WP 247, Opinion 01/2017). The Commission’s proposal, which was published in January this year, aims to modernize the existing ePrivacy Directive (2002/58/EC as amended by 2009/136/EC) which concerns the protection of personal data in the context of electronic communication services. In its Opinion, the Working Party overall welcomed the proposed regulation, yet expressed several points of concern and suggested amendments. The congratulations… In welcoming the regulation, [...] Read more