EU Regulation

Spanish DPA Issues GDPR Guidelines

January 30, 2017 By Privacy, Cyber & Data Strategy Team

On January 26, 2017, the Spanish data protection authority (“AEPD”) published three guidance papers on the implementation of the general data protection regulation (“GDPR”). Although the guidance is primarily directed at small and medium-sized companies, it gives a snapshot on how the AEPD reads the GDPR and is thus relevant for all companies having operations […]

Article 29 Working Party Identifies GDPR Implementation Priorities for 2017

January 18, 2017 By Privacy, Cyber & Data Strategy Team

In a press release published on January 16, 2017, the Article 29 Working Party (“WP 29”) has outlined its strategy for 2017 on implementation of the General Data Protection Regulation (“GDPR”). WP29’s “2017 GDPR Action Plan” identifies the following priorities, objectives, deliverables and activities for the coming year: 2016 Follow-Up. WP29 will finalize work commenced in […]

WP29 Issues Guidance on the Right to Data Portability under the GDPR

December 19, 2016 By Privacy, Cyber & Data Strategy Team

Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (“GDPR”). This is part two of a three-part Alston & Bird series evaluating WP29’s positions, and relates to the Right of Data Portability for data subjects and its obligations for data controllers. Part 1 deals […]

France adopts new regime for privacy class actions

December 13, 2016 By Privacy, Cyber & Data Strategy Team

A few weeks ago, France passed the Digital Republic Act which significantly enhances French citizens’ rights to privacy by offering new avenues to exercise rights and granting new powers to the French data protection authority. A recent amendment to the Data Protection Act, adopted November 18, 2016, goes a mile farther and introduces a new […]