AI, Artificial Intelligence, EU, Blockchain
Europe Issues Guidance on the Interplay Between Data Protection and Generative AI
By Max Landaw on June 10, 2024
Privacy Law, European Union, EU, international data transfers
EU-US Data Privacy Framework in Force: EU Commission Grants Adequacy Determination to the US
By Max Landaw on July 10, 2023
Schrems, GDPR, Privacy Law, Privacy Shield, EU
Third Time’s a Charm? The New EU-US Data Privacy Framework and the US’s Pursuit of an EU Adequacy Decision under GDPR
By Max Landaw on October 20, 2022
European Union, EU, social media platforms
European Union Passes Digital Services and Markets Acts to Increase Pressure for Transparency
By Max Landaw on May 27, 2022
Brand Protection, Blockchain, NFTs
Brand Protection Today – Article 9: Brand Proliferation through Non-Fungible Tokens (NFTs)
By Tatyana Ruderman on April 04, 2021
Brand Protection, Blockchain
Brand Protection Today Article 8: The Future of Brand Protection—Blockchain
By Tatyana Ruderman on March 24, 2021
EU, Privacy Shield, GDPR, Schrems, Standard Contract Clauses, Model Contracts, consent, transborder
Schrems II: Where Do We Go From Here?
By W. Scott Blackmer on July 16, 2020
Blockchain, Illinois
Tatyana Ruderman Interviewed by CoinDesk on Illinois’ new Blockchain Technology Act
By InfoLawGroup LLP on January 10, 2020
GDPR, General Data Protection Regulation, EU, European Union, liability, fines, penalties, consent, legitimate interests, privacy policy, Google, personalization, advertising
Google Fined $57 Million under GDPR
By W. Scott Blackmer on January 23, 2019
European Union, EU, Privacy Shield, Federal Trade Commission, FTC Settlement, Privacy Policy, Privacy and Data Security
FTC Aims to “Aggressively Enforce” EU-U.S. Privacy Shield
By Tatyana Ruderman on October 11, 2018
behavioral analytics, behavioral marketing, behavorial advertising, cookies, EU, European Union, Google, international, Privacy Policy
European Criticism for Google's New Privacy Policy
By W. Scott Blackmer on February 28, 2012
Google's new privacy policy (and its plans to create user profiles across multiple online services) has drawn fire from European data protection authorities. Online and mobile retailers and service providers should take account of a renewed emphasis on transparency and proportionality in collecting data about users.
data protection, EU, international, transborder data flows
Transborder Data Flows at Risk
By W. Scott Blackmer on February 20, 2012
The conditions for transborder data flows may become more uniform in the EU under the proposed Data Protection Regulation, but restrictions on foreign data transfers are now appearing in new data privacy laws and regulations in several regions of the world, posing global compliance challenges.
Cloud, cloud computing, EU, EU Data Protection Directive, EU Directive, European Union, Germany, international data transfers, Safe Harbor, transborder data flows
European Reservations?
By W. Scott Blackmer on August 25, 2010
German state data protection authorities have recently criticized both cloud computing and the EU-US Safe Harbor Framework. From some of the reactions, you would think that both are in imminent danger of a European crackdown. That's not likely, but the comments reflect some concerns with recent trends in outsourcing and transborder data flows that multinationals would be well advised to address in their planning and operations.
Binding Corporate Rules, clauses, cloud computing, consent, contract, controller, EU, EU Data Protection Directive, EU Directive, European Union, offshoring, outsourcing, processor, Safe Harbor, sstandard, standard contractual clauses
Do the New EU Processing Clauses Apply to You?
By W. Scott Blackmer on June 10, 2010
A new set of EU standard contract clauses ("SCCs" or "model contracts") for processing European personal data abroad came into effect on May 15, 2010. Taken together with a recent opinion by the official EU "Article 29" working group on the concepts of "controller" and "processor" under the EU Data Protection Directive, this development suggests that it is time to review arrangements for business process outsourcing, software as a service (SaaS), cloud computing, and even interaffiliate support services, when they involve storing or processing personal data from Europe in the United States, India, and other common outsourcing locations.
acceptable use policy, behavioral marketing, confidentiality, data protection, EU, European Union, Facebook, Federal Trade Commission, fraud, FTC, identity theft, privacy, social media, social networking
Social Networking: Setting Boundaries in a Borderless Brave New World
By W. Scott Blackmer on May 29, 2010
Social networking entails some risks and responsibilities. It may implicate privacy and labor law, confidentiality and nondisclosure agreements, advertising regulations, defamation, and other legal regimes, across borders in a global medium. Users, and their employers, need to be aware of these risks and responsibilities in deciding how to make best use of social media.
appropriate, EU, EU Data Protection Directive, international, reasonable, security measures
Code or Clear? Encryption Requirements (Part 3)
By W. Scott Blackmer on October 01, 2009
In other posts, I addressed the trend in the United States to require encryption for certain categories of personal data that are sought by ID thieves and fraudsters - especially Social Security Numbers, driver's license numbers, and bank account or payment card details - as well as for medical information, which individuals tend to consider especially sensitive. These concerns are not, of course, limited to the United States. Comprehensive data protection laws in Europe, Canada, Japan, Australia, New Zealand and elsewhere include general obligations to maintain "reasonable" or "appropriate" or "proportional" security measures, usually without further elaboration. Some nations have gone further, however, to specify security measures.
