GDPR Implementation

Belgian Privacy Commission Issues DPIA “Black” and “White List” Recommendation

May 3, 2018 By Privacy, Cyber & Data Strategy Team

On February 28, 2018, the Belgian Privacy Commission issued a recommendation on the position it takes with regard to data protection impact assessments (or “DPIAs”) as foreseen in the GDPR. A DPIA under the GDPR is similar in scope and impact to its predecessor, the PIA (or “privacy impact assessment”) and requires businesses to assess […]

100 Days Until GDPR Effective Date – Sharing Our GDPR Experience

February 14, 2018 By Daniel Felz and Privacy, Cyber & Data Strategy Team

In less than 100 days, the General Data Protection Regulation (GDPR) will go into effect. This means that as of May 25, 2018, each national Supervisory Authority will have the authority to apply and enforce the GDPR. The GDPR raises the bar in terms of requirements substantially higher than the Data Protection Framework Directive. For […]

ECJ Rules against Schrems Class Action, Sets Up Jurisdictional Questions for GDPR Class Actions

January 30, 2018 By Daniel Felz

In late 2015, the European Court of Justice (ECJ) issued its initial Schrems decision, invalidating the EU/US Safe Harbor and leading to important developments in the rules for transferring personal data from the EU to the US. Since that decision, Mr. Schrems has pursued two further legal proceedings in the EU. The first involves Mr. Schrems’ challenge in […]

Data Protection Litigation to Become a New Reality in Belgium

December 22, 2017 By Privacy, Cyber & Data Strategy Team

On November 16, 2017 the Belgian Senate adopted an “Act on the Establishment of the Data Protection Authority” (the “Act”). Following Austria, Germany, and the UK, Belgium is the fourth EU Member State to pass a domestic statute implementing the General Data Protection Regulation 2016/679 (“GDPR”) prior to its effective date of 25 May 2018. […]

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 5 of 5

November 27, 2017 By Daniel Felz

Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR). On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it […]