By: Carol A. F. Umhoefer and Andrew Serwin

The Schrems II decision of the Court of Justice of the European Union (CJEU), rendered on  July 16, 2020, invalidated the EU-US Privacy Shield and created new obligations, notably for businesses transferring personal data pursuant to standard contractual clauses (SCC). On November
Continue Reading Schrems II: European Data Protection Board issues recommendations on supplementary measures for transfers of personal data to the US

On December 21, 2020, the European Union’s new Electronic Communications Code (EECC) will begin regulating a broad range of previously unregulated services as Electronic Communications Services (ECS). Among these newly regulated services are email, connected wearable devices, and many other Over The Top (OTT) applications, such as audio, video and
Continue Reading Webinar: The new European Electronic Communications Code

By Patrick Van Eecke and Anne-Gabrielle Haie

From July 12, 2020 onwards, new European rules will oblige online platforms to take several additional measures, including reviewing their terms and conditions, establishing a data policy and creating a complaint handling system. The Platform to Business Regulation is directed towards companies that
Continue Reading Europe: New rules for the platform economy

[This is an updated version of my earlier blog piece from July to take account of revisions agreed through the legislative process since then.]

The new European Communications Code (the “Code” – which I have blogged about here) will introduce a mechanism allowing investments in fibre networks made by
Continue Reading Co-Investment Models for Broadband Infrastructure – an explanation and short critique (updated)

The European Data Protection Supervisor (EDPS) launched it data protection strategy, summarizing it in three strategic objectives and 10 accompanying measures for the next five years.

The EDPS stated that it is a crucial moment for data protection, a period of unprecedented change and political importance, not only in the
Continue Reading European Data Protection Supervisor launches its 2015-2019 strategy

By Patrick Van Eecke and Julie De Bruyn

Article 29 Working Party, the European data protection advisory body, has published its report on the ‘cookie sweep’ that was carried out in September last year in partnership with data protection authorities and other regulators across 8 Member States (Czech Republic, Denmark,
Continue Reading EUROPE: European cookie sweep results published: average of 34.6 cookies per website.

Article 29 Working Party adopts guidelines on the implementation on the Right to be Forgotten judgment of the CJEU

By Patrick Van Eecke & Julie De Bruyn

The Article 29 Working Party, the European data protection advisory body existing of representatives of the national data protection authorities of the EU Member States, announced yesterday to have adopted guidelines – for national data protection authorities – on the implementation of the Court of Justice’s ruling on the right to be forgotten.


Continue Reading Europe: Right to be forgotten guidelines adopted by WP29

By Patrick Van Eecke and Antoon Dierick

Almost five months after federal parliamentary elections took place, the negotiators from the four political parties around the negotiating table (Flemish parties NVA, CD&V and Open VLD and Walloon party MR) reached a coalition agreement which contains quite a few interesting policy initiatives
Continue Reading BELGIUM: Belgian government’s new focus on privacy and technology laws