The Article 29 Working Party (“WP29”) recently issued much-anticipated guidance on administrative sanctions under the General Data Protection Regulation (the “GDPR”). This guidance focuses on the holistic factors which Supervisory Authorities (the … [Read more] about Article 29 Working Party Issues Guidance on Administrative Fines
WP29 issues Guidelines on Automated Individual Decision-Making and Profiling in the GDPR
On October 18, 2017, the Article 29 Working Party (the “WP29”) published Guidelines clarifying the new profiling and automated decision-making provisions of the General Data Protection Regulation (“GDPR”). European Union regulatory authorities and … [Read more] about WP29 issues Guidelines on Automated Individual Decision-Making and Profiling in the GDPR
Virginia Amends Data Breach Notification Law
Virginia amended the state’s data breach notification law, effective July 1, 2017, to expand notification requirements for employers and payroll service providers to data breaches that involve “unauthorized access and acquisition of unencrypted and … [Read more] about Virginia Amends Data Breach Notification Law
An English-Language Primer on Germany’s GDPR Implementation Statute: Part 4 of 5
Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR). On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation … [Read more] about An English-Language Primer on Germany’s GDPR Implementation Statute: Part 4 of 5
Irish High Court refers Facebook’s data case to the European Court of Justice
In what it considered “an unusual case” (available here), the Irish High Court has referred the issue of the way data is transferred between the EU and countries outside the EU to the Court of Justice of the European Union (“CJEU”). Ms. Justice … [Read more] about Irish High Court refers Facebook’s data case to the European Court of Justice