A few weeks ago, France passed the Digital Republic Act which significantly enhances French citizens’ rights to privacy by offering new avenues to exercise rights and granting new powers to the French data protection authority. A recent amendment to the Data Protection Act, adopted November 18, 2016, goes a mile farther and introduces a new […]
EU Regulation
The French Digital Republic Act: the New Powers of the French Data Protection Authority and Enhanced Rights of Individuals
On October 7, the French Digital Republic Act (the “Act”) was adopted following a widely-publicized consultation process. The Act amends the French Data Protection Act, and also modifies French law in various domains, including consumer protection, electronic payment services, medical research, and intellectual property. The Act constitutes a first step in the implementation of the […]
UK Regulator Elaborates Plans for Extensive Guidance on GDPR Compliance
The UK Information Commissioner’s Office (“ICO”) has provided details on its plans to provide guidance to organizations on compliance with the European Union’s General Data Protection Regulation (“GDPR”), which will apply EU-wide as from 25 May 2018. The ICO’s work plan involves three overlapping “phases.” Over the next six months, priority outputs will include ICO […]
European Council Adopts the Network and Information Security Directive
On May 17, 2016, the European Council formally adopted its position at first reading of the Network and Information Security Directive (“NIS Directive”). The objective of the NIS Directive is to increase cooperation between EU Member States on issues of network and information security. Companies subject to the NIS Directive are required to adopt “appropriate […]
European Data Protection Supervisor Issues Information Security Risk Management Guidance for E.U. Institutions
The European Data Protection Supervisor (“EDPS”) Giovanni Buttarelli issued a guidance document on data security and risk management for the E.U. institutions (such as the European Parliament, the European Council, and the Council of the European Union) on March 21, 2016. Although aimed at E.U. institutions, the document may nonetheless become a source of guidance […]