Regulatory Enforcement

Data Protection Litigation to Become a New Reality in Belgium

December 22, 2017 By Privacy & Data Security Team

On November 16, 2017 the Belgian Senate adopted an “Act on the Establishment of the Data Protection Authority” (the “Act”). Following Austria, Germany, and the UK, Belgium is the fourth EU Member State to pass a domestic statute implementing the General Data Protection Regulation 2016/679 (“GDPR”) prior to its effective date of 25 May 2018. […]

WP29 issues Guidelines on Automated Individual Decision-Making and Profiling in the GDPR

October 31, 2017 By Privacy & Data Security Team

On October 18, 2017, the Article 29 Working Party (the “WP29”) published Guidelines clarifying the new profiling and automated decision-making provisions of the General Data Protection Regulation (“GDPR”). European Union regulatory authorities and the WP29 consider that technological developments that facilitate the creation of individual profiles, such as big data analytics, AI and machine learning, […]

Facebook Fined for WhatsApp Data Linking Fallout

May 24, 2017 By Privacy & Data Security Team

On 18 May 2017, the European Commission (“Commission”) fined Facebook €110 million ($122 million) for misrepresentations made in its application for competition clearance of the company’s acquisition of WhatsApp. In its merger application, Facebook claimed that it would be unable to automatically match Facebook users’ accounts and WhatsApp users’ accounts for marketing and other purposes. […]

Australia Adopts New Data Breach Notification Legislation

March 6, 2017 By Privacy & Data Security Team

On February 13, 2017 Australia became one more among nation states adopting data breach notification legislation. In recent House and Senate votes, the Australian Parliament amended the Privacy Act 1988, introducing mandatory data breach notification requirements for entities regulated by the Privacy Act. Who is Subject to the New Legislation? The recent bill requires entities […]