• Google and peers in 'legal limbo' over EU data transfers, company's top lawyer says
    27 September 2018
    Google and other large companies find themselves in "legal limbo" over their compliance with EU data-transfer rules, the search giant's global privacy counsel said today, as EU judges prepare to review some of the methods used to shift data outside the bloc.

    Under EU data-privacy laws, companies can move personal data outside the bloc via several legal instruments. These include data-transfer deals with non-EU countries, binding corporate rules between a company's different subsidiaries, and boilerplate legal contracts for transfers to non-EU countries that are approved by the European Commission.

    By Vesela Gladicheva.

    To request the full article please click here >

  • Lenovo's $8.3 million settlement over tracking software considered by federal judge
    20 September 2018
    Lenovo’s proposed $8.3 million settlement — aimed at resolving litigation alleging that the Chinese computer maker violated US privacy laws by preinstalling tracking software on certain laptops, leaving them vulnerable to hackers — appears to be poised for preliminary approval by a federal court.

    US District Judge Haywood Gilliam in Oakland only had a few minor questions at a hearing Thursday about the proposed notice that would be sent to class members. However he did not say specifically that he will grant preliminary approval.

    Under the deal, Lenovo would pay class members $7.3 million, and co-defendant Superfish, maker of the tracking software, would pay $1 million.

    By Amy Miller

    To request the full article please click here >

  • Facebook and others voice concerns over GDPR data-officer teething problems
    20 September 2018
    Companies from Facebook to Accenture and Liberty Global are still getting to grips with the exact scope of the tasks of their newly-required Data Protection Officers (DPOs), months after the EU law introducing them came into effect. That's according to senior legal representatives from those companies and more, speaking at data-protection events in Europe this week.

    DPOs are meant to independently oversee an organization’s correct application of the new EU law that protects personal data. The EU General Data Protection Regulation is clear about many of the officers’ tasks, such as their responsibilities and the need for funding and training, but overall they must figure out themselves how they can be most effective in their role. Companies can face sanctions for failing to protect citizens' data adequately, under the GDPR.

    Stephen Deadman, Facebook’s DPO, said at an event in Dublin* that the platform is hiring more people to deal with privacy issues internally, but said there is no standard skillset for a DPO, and “different companies have different approaches.”

    By Cynthia Kroet and Vesela Gladicheva

    To request the full article please click here >

  • Google and Facebook are the talk of Brussels as EU elections loom
    06 September 2018
    How to regulate US tech giants is shaping up to be a key theme in next year’s EU elections, as Europe’s ruling parties try to galvanize public support in the face of new populist contenders.

    The European People’s Party, a symbol of the EU establishment and the biggest group in the European Parliament, has notably turned its sights on “huge Internet companies” in recent weeks, with a focus on finding a “fair” solution to regulating them.

    That stands in contrast to the last election in 2014 when Jean-Claude Juncker — then the EPP’s candidate for the European Commission presidency, which he won — campaigned on a platform of unlocking the huge potential of the digital economy.

    By Micheal Acton and Karoline Del Vecchio.

    To request the full article please click here >

  • EU-Japan data-transfer deal set for implementation by end of 2018
    05 September 2018
    The EU’s data-transfer agreement with Japan is one step closer of being implemented, as the European Commission today started the procedure to adopt the adequacy decision approving Japan’s data-protection regime.

    The procedure should be finalized by the end of the year, Justice Commissioner Věra Jourová said at a briefing in Brussels today.

    The EU and Japan agreed the data-transfer deal in July this year, which should ease the regulatory burden on businesses transferring information between the two territories.

    By Cynthia Kroet.

    To request the full article please click here >