Archives: International Privacy

Subscribe to International Privacy RSS Feed

EUROPE – UNITED STATES: 10 practical proposals for bridging the US-EU data privacy ocean

Nineteen renowned privacy experts from the US and the EU, amongst them DLA Piper’s Patrick Van Eecke, have developed ten practical proposals to increase the transatlantic level of protection of personal data. Most proposals can be implemented within existing different legal systems and are applicable worldwide. It concerns pragmatic bridges that benefit people, companies, governments … Continue Reading

GERMANY: New Data Retention Act – Retention Obligations for Telecommunications and Internet Access Service Providers

Written by Dr. Jan Geert Meents, Dr. Thomas Jansen and Dr. Reka Hatala Today the German Bundestag passed a highly disputed law on the retention of personal data. 404 out of 559 MEPs voted for the bill pursuant to which German providers of publicly available telecommunication and internet access services must store call detail records … Continue Reading

Ground-breaking European Court Decision – US Safe Harbor declared invalid

On October 6th, in a ground-breaking Decision, the Court of Justice of the European Union (CJEU) declared the US Safe Harbor scheme to be invalid, as well as confirming that individuals have the right to challenge any similar schemes that may be established by the European Commission through their national data protection authorities. The US … Continue Reading

Getting foggy in the Safe Harbor – Privacy agreement between EU and US at stake?

By Patrick Van Eecke & Loretta Marschall Today an important statement was issued endangering the free flow of personal data from the European Union to the United States. Advocate General Bot issued his opinion to the Court of Justice of the European Union (CJEU) in the Facebook case on whether or not a national supervisory … Continue Reading

FRANCE: New Law on Intelligence Adopted

By Florence Guthfreund-Roland and Mathilde Hallé On June 24th, 2015 a new bill regarding intelligence was adopted in the French Parliament by a vote of 438 to 86 (the “Intelligence Law”). The new legal framework set forth by the Intelligence Law The necessity of reforming the legal framework surrounding intelligence-gathering had been highlighted in several … Continue Reading

NETHERLANDS – Legislation on mandatory data breach notification adopted by the Dutch Senate

Written by Richard van Schaik, Robin de Wit and Charlotte van Triest On May 26, the Dutch Senate adopted the legislative bill on Data Breach Notifications, thereby amending the Dutch Data Protection Act and the Telecommunications Act (Wetsvoorstel meldplicht datalekken en uitbreiding bestuurlijke boetebevoegdheid Cbp). Content bill The bill introduces the mandatory obligation for all … Continue Reading

China Adopts the New National Security Law – A Top Legislative Effort To Control Cyber Security

Written by Scott Thiel On 1 July, 2015, the Standing Committee of the National People’s Congress, China’s top legislature, approved the new National Security Law of the People’s Republic of China (中华人民共和国国家安全法, the “New Law”) which became effective on the same day. This New Law is very high-level in its nature covering a wide range … Continue Reading

Internet Sweep Days: Focus on Children’s Data

Written by Carol Umhoefer Between May 12 and May 15, 2015, as part of the annual Internet Sweep Days, nearly 30 Data Protection Authorities (“DPAs”) audited child-oriented websites and mobile apps to check compliance with data privacy rules. Results are expected in Q3 2015. The Global Privacy Enforcement Network (“GPEN”), which brings together numerous countries’ … Continue Reading


Written by Eamon Holley, Legal Director, and Mohamed Moussallati, Legal Consultant, both based in Dubai, UAE Drones (also known as unmanned aerial vehicles, or UAVs) of different shapes, sizes and specifications are definitely one of ‘the’ gadgets of the year and over the last few years have become increasingly available and affordable in the UAE. … Continue Reading

EUROPE: EU-US data flows at risk? European Court of Justice today heard Facebook case.

By Patrick Van Eecke and Julie De Bruyn Today the Schrems v. Irish Data Protection Commission case was brought before the Court of Justice of the European Union (‘CJEU’) for an oral hearing, following referral by the Irish High Court. While the final ruling by the CJEU is to be awaited until June 24, it … Continue Reading

Restrictions on ICO’s power to impose fines for cold calls, emails and nuisance text messages relaxed (and mobile telecommunication providers get some extra exemptions from the location data rules)

Written by John Townsend johntownsend March 11, 2015 From the 6 April this year, the UK regulator the Information Commissioner will be able to issue fines for breaches of the direct marketing provision of the Privacy and Electronic Communications (EC Directive) Regulations 2003 without having to prove the organisation making the infringing call or sending the … Continue Reading

China Issues New CBRC Guidelines: Disclosure Requirements Affect Foreign IT Suppliers, Foreign Banks

Written by Scott Thiel and Belinda Tang A new set of regulations issued by the China Banking Regulatory Commission has fuelled concerns that China intends to squeeze foreign investment in its banking industry. The Guidelines on Banks Using Secure and Controllable Information Technology 2014-2015 were promulgated and became effective in late December.  The Guidelines require banks … Continue Reading

Spain: €13 Million to Promote 27 Smart Cities

Written by Ceyhun Pehlivan The Spanish Ministry of Industry, Energy and Tourism will finance up to 80% of 13 projects linked to the development of smart cities, from which 27 Spanish cities are expected to benefit. In June 2014,, Spain’s internet and ICT development agency, had issued the call for the selection of the … Continue Reading

FRANCE: Right To Be Forgotten – Application Of The Balancing Test Derived From The Google v. Costeja Case

Written By Caroline Chancé and Carol Umhoefer In a December 2014 decision, a French judge ruling in injunctive proceedings gave a new and interesting illustration of how national judges may use the ECJ’s Costeja v. Google case, as well as the related guidelines adopted by the Article 29 Working Party (“WP29″), to grant individuals’ requests … Continue Reading

“Toubon Law” 20 Years On: The Cyber Economy and France’s Law on the Mandatory Use of the French Language

Written by: Carol Umhoefer; Farid Bouguettaya; and Maruschka Graham In 1994, France implemented a law, known as the “Toubon Law” after France’s then-minister of Culture, Jacques Toubon, to preserve the French language, protect French consumers and promote French culture. At the time, the world wide web and the cyber economy were nascent; online marketplaces were … Continue Reading

FRANCE: CNIL Adopts New “Compliance Pack” for the Insurance Sector

January 29, 2015 In November 2014, the French Data Protection Authority (“CNIL”) issued a new “compliance pack” for the insurance sector, following consultations with trade associations. Written by Carol Umhoefer and Mathilde Hallé The CNIL has started promoting compliance packs as a new tool for regulating the processing of personal data in specific sectors. The … Continue Reading

Blue Edge Lab℠ launches new online cybersecurity tool for multinational companies

Blue Edge Lab, a wholly owned subsidiary of DLA Piper LLP (US) announced today the launch of CyberTrakSM, a highly innovative online cybersecurity tool featuring information on cybersecurity-related mandates and regulatory risk around the world. CyberTrak is the inaugural product of Blue Edge LabSM*. CyberTrak provides multinational companies instant online access to critical information about … Continue Reading

French Data Protection Authority Audit of Open Access Internet and Wi-fi Hot Spots – CNIL Issues Recommendations

Open access internet and free WiFi are ubiquitous.  For many  denizens of the mobilesphere, especially in urban environments, telephone networks are relics. It’s therefore not surprising that the French Data Protection Authority (the “CNIL”) recently audited providers of open access Internet services and Wi-Fi hot spots. Nor is it surprising that many providers are not … Continue Reading

24 privacy authorities worldwide call for more mobile app privacy

By Patrick Van Eecke & Julie De Bruyn Last week, the increased focus of national data protection authorities on the processing of personal data through mobile apps was again confirmed in an open letter from a group of data protection authorities. Earlier this year, the Global Privacy Enforcement Network (GPEN, consisting of 40 national and … Continue Reading

Europe: Right to be forgotten guidelines adopted by WP29

Article 29 Working Party adopts guidelines on the implementation on the Right to be Forgotten judgment of the CJEU By Patrick Van Eecke & Julie De Bruyn The Article 29 Working Party, the European data protection advisory body existing of representatives of the national data protection authorities of the EU Member States, announced yesterday to … Continue Reading

ITALY: More liberal approach on monitoring of employees

Written by Giulio Coraggio November 24, 2014 It is possible to collect location data relating to employees through smartphone Apps if used in order to optimize the usage of resources and improve their management, coordination and timing provided that this practice complies with the stringent obligations imposed by the Italian privacy authority. The decision of … Continue Reading

FRANCE: What You Need to Know About the CNIL’s New Online Investigative Powers and Enforcement Goals

Written by Carol Umhoefer and Jeanne Dauzier November 16, 2014 Earlier this year we reported on the new online investigative powers of the French Data Protection Authority (the “CNIL”) (See blog post here: FRANCE: The CNIL Gets New Online Investigative Powers). Whereas before CNIL agents could only conduct on-site inspections, since March 2014 they are … Continue Reading

Connected Cars & Privacy: Automotive industry adopts consumer privacy principles

by Patrick Van Eecke and Julie De Bruyn Last week proved to be an important week for privacy and data protection in the US: while representatives of the European Commission were negotiating with US representatives on government surveillance and the extension of the US Privacy Act to EU citizens, the US Alliance of Automobile Manufacturers … Continue Reading

Big Data, Big Privacy Issues

By Patrick Van Eecke & Mathieu Le Boudec Last week, a resolution on big data was adopted under the auspices of the 36th International Conference of Data Protection and Privacy Commissioners (hereafter: “ICDPPC”). After earlier guiding documents released this year by, among others, the Executive Office of the President of the United States, the Information … Continue Reading