Amid the rising number of cases of COVID-19 in Europe, it has been reported that certain telecommunication companies may have agreed to share anonymous mobile phone geolocation data with the European Commission (the “Commission”). According to the report, the Commission will aggregate this geolocation data to coordinate measures to halt the spread of COVID-19

The European Data Protection Board (“EDPB”), an EU body of national supervisory authorities and the EU Commission, released today the text of draft guidelines on processing personal data in the context of connected vehicles and mobility-related applications (the “Draft Guidelines”), which it had adopted at its January 28–29 meeting. The Draft Guidelines provide examples of

On January 14, the French data protection authority (the “CNIL”) released a proposal for a set of practical requirements for placing cookies in web-based and mobile application environments (the “Recommendations”).

The Recommendations1 follow the CNIL’s publication in July 2019 of guidelines summarizing the applicable cookies framework and its later consultation with stakeholders in the

Cyber attacks now reach a broad range of connected devices, ranging from connected toys, fitness trackers, home alarm systems, cars and medical devices to connected manufacturing and infrastructure. Attacks on this broad range of connected devices—often referred to as the Internet of Things—can raise distinct issues from incidents involving enterprise systems.

Continue reading.

This market trends article identifies comprehensive disclosures related to cybersecurity risks, including discussions about the potential reputational, financial, or operational harm resulting from cybersecurity breaches; the potential associated litigation or regulatory costs; and their policies and procedures addressing cybersecurity incidents, and concludes with practical advice on preparing the required disclosures regarding cybersecurity risks and incidents.

The European Data Protection Board (“EDPB“) published on April 12, 2019 the draft Guidelines 2/2019 (the “EDPB Guidelines“) on the processing of personal data under Article 6(1)(b) of the General Data Protection Regulation (the “GDPR“)1 in the context of the provision of online services to data subjects (

This article, published in Computer Law & Security Review, takes a look at the Hong Kong Monetary Authority (HKMA)’s Open Application Programming Interface Framework for the Banking Sector (Open API Framework), which was issued on 18 July 2018, with the aim to encourage the development of innovative technology solutions and the amalgamation of information by

The Employment & Benefits group is pleased to announce the publication of A Global Guide to Employee Data Privacy, the latest in our series of global guides.

Benefits of the Guide

Our largest guide to date, it is designed to help employers with operations in more than one country navigate the specific, and increasing,

GDPR Day (i.e., May 25, 2018) has passed, bringing with it higher standards for data privacy, but there is more to be done: the European Union (“EU”) is working hard to finalize its reform of the ePrivacy Directive, an effort initiated in January 2017 when the EU Commission adopted a proposal for a Regulation on

On June 8, 2018, a political agreement was reached in the European Union (“EU”) that paves the way to an EU framework that would set up certification schemes to apply to a range of online services and connected consumer devices, as well as the transformation of the mandate of the European Union Agency for Network