On June 28, 2023, the European Commission (EC) published a Proposal for a Regulation on Financial Data Access (FIDA). FIDA aims to create a framework through which data holders (e.g., banks, credit institutions) share the financial data they hold with other players in the finance industry (e.g., fintech companies). Customers of financial institutions will be able to control i) which data is shared, ii) with whom, iii) for what purpose, and iv) for how long. If adopted, FIDA will further liberalize financial data sharing in the EU.Continue Reading European Commission Proposes New Rules on Financial Data Access and Use
Nikolaos Theodorakis
Europe Prepares for a New Era in AI Regulation
Posted in European Union, Privacy
In Europe, recent advances in artificial intelligence (AI) have given rise to intense debate over how this technology should be regulated. Companies that have developed AI tools, or who are considering implementing AI, should assess the implications of recent legislative developments and regulatory action. This alert discusses the most recent legislative and regulatory developments in Europe and identifies key steps companies should take in light of these developments.Continue Reading Europe Prepares for a New Era in AI Regulation
European Commission Seeks Companies’ Input on GDPR Enforcement
Posted in European Union, Privacy
On February 24, 2023, the European Commission (EC) opened a public consultation on its initiative (Initiative) to revise procedural rules relating to the enforcement of the EU General Data Protection Regulation (GDPR). The EC invites…
Continue Reading European Commission Seeks Companies’ Input on GDPR EnforcementEU Regulators Adopt Opinion on Draft EU-U.S. Data Privacy Framework
Since the invalidation of the Privacy Shield framework in 2020 in the “Schrems II” case, the EU and the U.S. have been working to set up a new framework for data flows from…
Continue Reading EU Regulators Adopt Opinion on Draft EU-U.S. Data Privacy FrameworkCJEU Finds That Companies Must Provide Individuals with the Identity of Data Recipients When Responding to Data Access Requests
Posted in Privacy
On January 12, 2023, the Court of Justice of the European Union (CJEU) ruled1 that the data subject’s right of access to personal data2 requires controllers to provide the data subject with the…
Continue Reading CJEU Finds That Companies Must Provide Individuals with the Identity of Data Recipients When Responding to Data Access RequestsEU Court Opinion: Competition Authorities May Consider Data Protection Breaches in Their Investigations
By Petros Vinis, Deirdre Carroll, Nikolaos Theodorakis, Laura Brodahl, Laurine Daïnesi Signoret & Mia Gal on
Posted in European Union, Privacy
On September 20, 2022, an adviser to the EU’s top court opined that competition authorities may consider a company’s compliance with the EU’s data protection rules as part of an abuse of dominance investigation.
In…
Continue Reading EU Court Opinion: Competition Authorities May Consider Data Protection Breaches in Their Investigations