On September 6, 2023, the European Commission (EC) returned from its summer break with full force and announced the designation of six tech companies as so-called “gatekeepers” under the EU’s Digital Markets Act (DMA) and
Continue Reading Into the Final Stretch: Six Gatekeepers Confirmed Under the EU’s Digital Markets Acts
On June 21, 2023, a request for a preliminary ruling on the scope of the term “undertaking” in Article 83(4) to (6) of the General Data Protection Regulation (GDPR) was lodged with the Court of Justice of the EU (CJEU). This concept is critical for companies facing enforcement action as it is used as a reference point to determine the cap for GDPR fines.Continue Reading Missteps in Mixing EU Data Protection and Competition Law: A Call for Boundaries
On July 10, 2023, the European Commission (EC) adopted an adequacy decision in relation to the EU-U.S. Data Privacy Framework (DPF). This paves the way for organizations to certify to the DPF, reducing friction for transfers of personal data from the EU to the U.S., and allowing companies to simplify their compliance with EU data flow restrictions. It thus represents a major development in the regulation of data flows from the EU to the U.S.Continue Reading EU and U.S. Finalize Data Privacy Framework: Here’s How to Get Certified
Midnight on July 3, 2023, heralded the deadline for potential gatekeepers to notify the European Commission (EC) as to whether they meet the thresholds for gatekeepers set out in Article 3 of the Digital Markets Act (DMA).Continue Reading The Final Countdown: Designation of Digital Platforms Under the EU’s Digital Markets Act Formally Underway
In a landmark judgment issued on July 4, 2023, the European top court, the Court of Justice (ECJ), ruled that competition authorities in the EU can consider a company’s compliance with the EU’s data protection rules when assessing whether it abused its dominant position. In addition, the ECJ ruled on important General Data Protection Regulation (GDPR) clarifications on the legal bases for personalized advertising.
The judgment sets out how competition agencies should cooperate with data protection agencies when conducting competition investigations involving the consideration of whether a company’s data collection and processing practices comply with EU data protection rules.Continue Reading EU’s Top Court Rules That Competition Authorities Can Consider Data Protection Breaches in Their Investigations
On June 28, 2023, the European Commission (EC) published a Proposal for a Regulation on Financial Data Access (FIDA). FIDA aims to create a framework through which data holders (e.g., banks, credit institutions) share the financial data they hold with other players in the finance industry (e.g., fintech companies). Customers of financial institutions will be able to control i) which data is shared, ii) with whom, iii) for what purpose, and iv) for how long. If adopted, FIDA will further liberalize financial data sharing in the EU.Continue Reading European Commission Proposes New Rules on Financial Data Access and Use