Data Protection

Spanish DPA Issues GDPR Guidelines

January 30, 2017 By Privacy, Cyber & Data Strategy Team

On January 26, 2017, the Spanish data protection authority (“AEPD”) published three guidance papers on the implementation of the general data protection regulation (“GDPR”). Although the guidance is primarily directed at small and medium-sized companies, it gives a snapshot on how the AEPD reads the GDPR and is thus relevant for all companies having operations […]

Article 29 Working Party Identifies GDPR Implementation Priorities for 2017

January 18, 2017 By Privacy, Cyber & Data Strategy Team

In a press release published on January 16, 2017, the Article 29 Working Party (“WP 29”) has outlined its strategy for 2017 on implementation of the General Data Protection Regulation (“GDPR”). WP29’s “2017 GDPR Action Plan” identifies the following priorities, objectives, deliverables and activities for the coming year: 2016 Follow-Up. WP29 will finalize work commenced in […]

Swiss-U.S. Privacy Shield Finalized

January 16, 2017 By Privacy, Cyber & Data Strategy Team

On January 11, U.S. and Swiss authorities announced final agreement on the Swiss-U.S. Privacy Shield Framework. The Framework defines standards for handling personal data exported from Switzerland to the U.S. and enables U.S. companies to meet Swiss legal requirements to protect personal data transferred from Switzerland. The Framework is a successor to the former Swiss-U.S. […]

WP29 Issues Guidance on the Right to Data Portability under the GDPR

December 19, 2016 By Privacy, Cyber & Data Strategy Team

Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (“GDPR”). This is part two of a three-part Alston & Bird series evaluating WP29’s positions, and relates to the Right of Data Portability for data subjects and its obligations for data controllers. Part 1 deals […]