Theodore Christakis, Professor of International at the University Grenoble Alpes and Senior Fellow at the Cross-Border Data Forum, has a published a new article examining the right of European Union Member States to review European Production Orders under the draft E-Evidence framework. Prof. Christakis looks at Statewatch’s recently released key EU Council documents on the […]
Uncategorized
Vermont Passes New Data Broker Law
Under a Vermont law, data brokers that process information regarding Vermont residents are now subject to registration and security requirements beginning January 1, 2019. Included in the new law are three notable components: (1) a broad statutory definition of a “data broker,” (2) an annual registration requirement for data brokers, and (3) reporting on data […]
Canada Publishes Final Regulations on Mandatory Reporting of Privacy Breaches
On April 18, 2018, the Canadian government published final regulations which include mandatory privacy breach notification, reporting and record-keeping obligations under Canada’s federal data protection law called the Personal Information Protection and Electronic Documents Act (PIPEDA). These new obligations will come into force on November 1, 2018. PIPEDA applies to private-sector organizations and sets out […]
Supreme Court Hears Oral Argument in the Microsoft Ireland Case
On Tuesday, February 27th, the U.S. Supreme Court heard oral argument in United States v. Microsoft Corp. on whether a warrant issued under the Stored Communications Act (SCA) can compel the production of data stored outside the United States. Where Microsoft argues that the emails stored outside the United States also lie outside the reach […]
German DPAs Publish Model GDPR Processing Records – Translations Provided
In just under 100 days, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of their processing activities. Under Article 30 GDPR, companies will need to inventory all “processing activities under [their] responsibility” and […]