On July 8, 2019, the UK Information Commissioner’s Office (ICO) announced its intention to fine British Airways GBP 183.39 million over a data breach in which the personal data of approximately 500,000 customers was compromised.[1] If made final, the fine—equivalent to approximately U.S. $230 million—would be the biggest fine ever issued by the ICO as well as any Supervisory Authority (SA) in the European Union.
Continue Reading Massive GDPR Fine Proposed by UK ICO Confirms Trend of Increased Focus on EU Data Breaches
Belgian Data Protection Authority Is Up and Running
On April 25, 2019, the new chairman and the four directors of the new Belgian data protection authority were sworn in before the Belgian Parliament. This marks a new era for data protection law in Belgium.
Background
Following the effective date of the General Data Protection Regulation (GDPR) on May 25, 2018, the Belgian Privacy Commission was restructured into a Supervisory Authority under the GDPR, thus becoming the Belgian Data Protection Authority. It was given new enforcement powers, including the ability to impose fines up to €20 million or 4 percent of total worldwide annual turnover (whichever is higher).Continue Reading Belgian Data Protection Authority Is Up and Running
Court of Justice Dismisses Privacy Class Action Against Facebook but Allows Max Schrems to Sue in Austria
In yet another round of Schrems versus Facebook, on January 25, 2018, the Court of Justice of the European Union (CJEU) ruled that privacy activist Max Schrems is a consumer with regard to his Facebook
Continue Reading Court of Justice Dismisses Privacy Class Action Against Facebook but Allows Max Schrems to Sue in Austria
EU-U.S. Privacy Shield Passes First Annual Review
On October 18, 2017, the European Commission (EU Commission) published its report on the first annual review of the EU-U.S. Privacy Shield Framework (Privacy Shield). The EU Commission confirms that the Privacy Shield ensures
Continue Reading EU-U.S. Privacy Shield Passes First Annual Review
EU Commission Publishes Proposal for e-Privacy Regulation: The Top Nine Key Points You Need to Know
On January 10, 2017, the European Commission published a Proposal for a Regulation that if adopted would have significant and far-reaching implications for Internet-based services and technologies.
The proposal seeks to revise the current EU
Continue Reading EU Commission Publishes Proposal for e-Privacy Regulation: The Top Nine Key Points You Need to Know
Article 29 Working Party Issues Statement Following Adoption of EU-U.S. Privacy Shield
On July 26, 2016, the body of European Data Protection Authorities (DPAs)—the “Article 29 Working Party” (WP29)—issued a statement commending the improvements made to the EU-U.S. Privacy Shield (Privacy Shield). Although the WP29 continues to
Continue Reading Article 29 Working Party Issues Statement Following Adoption of EU-U.S. Privacy Shield