This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 12 Issue: 1
(January 2015)


The French Data Protection Authority (CNIL) issued Decision 2014-500, on 13 January, laying out the framework which companies need to comply with in order to be conferred the newly created IT governance and accountability seal. / read more

US President Barack Obama called for federal rules to improve online privacy and increase protections for consumers and companies from cyber threats, during his speech at the Federal Trade Commission (FTC) on 12 January 2015. / read more

The amendments to Federal Law no. 152-FZ (‘the Data Localisation Provisions’), which prohibit the storage of personal data relating to Russian citizens outside the Russian Federation, will now come into force on 1 September 2015. / read more


Public atrocities always attract some kind of political reaction. Generally, the more brutal the atrocity, the harsher the reaction. It is understandable from the perspective of political responsibility. So when defenceless people are mercilessly attacked by gunmen as punishment for their satirical views, a very visible reaction is to be expected. However, political reactions to grave situations need not only visibility, but measured thinking and careful decision-making. The reaction to a violent and criminal act can often have more far-reaching implications than the act itself, leading to an escalation of violence. At the same time, doing nothing to protect citizens from harm is not a responsible option. As with many political decisions, securing public safety is a balancing exercise of robustness and restraint. / read more

2014 was a very eventful year for data privacy regulation in Asia and there are reasons to believe that 2015 will represent a turning point for the region, as established privacy regimes are toughened and new regimes enacted in recent years begin to mature. Mark Parsons and Peter Colegate, Partner and Associate respectively at Hogan Lovells, Hong Kong, take a close look at the region’s developments and provide insight into what 2015 holds. / read more

Steve Wright comments on his obligations, challenges and concerns as global Chief Privacy Officer (CPO) at Unilever. This article forms part of a regular feature for Data Protection Law & Policy, which provides an in-house perspective on privacy. / read more

On 26 November 2014, the Article 29 Working Party (WP29) issued Guidelines on the interpretation of the Court of Justice of the European Union (CJEU) ruling on Google Spain v the Spanish Data Protection Authority and Mario Costeja Gonzalez (‘the Ruling’), setting out a list of common criteria that European data protection authorities (DPAs) would take into account when considering the right to be forgotten (‘RTBF’) in relation to complaints received from individuals. According to Nuria Pastor, Senior Associate at Fieldfisher London, the Guidelines are in line with the Ruling but they further elaborate on certain legal and practical aspects of it and, as a result, offer invaluable insight into the DPAs vision of the future of the RTBF. / read more

2014 was quite fruitful in terms of learning about new guidelines from the Court of Justice of the EU (CJEU) on privacy issues. While everyone is still discussing the consequences of the famous Google case, the quite minor dispute between one individual and the Czech Data Protection Authority (DPA) reached its final stage in Luxembourg but may have no less significant impacts on EU citizens. Richard Otevřel, Of Counsel at Havel, Holásek & Partners, provides background to the CJEU case C-212/13 František Ryneš vs Úřad pro ochranu osobních údajů and discusses the CJEU’s narrow interpretation of the ‘household exemption’ to data processing under the Data Protection Directive (95/46/EC) (‘the Directive’). / read more

On the 27 June 2014 the Convention on Cyber Security and Personal Information (‘the Convention’) was adopted at the 23rd Ordinary Session of the Assembly of the African Union (‘AU’). This represents the first continent wide cyber convention in Africa. Christophe Fichet and Yaël Hirsch, Partner and Associate respectively at Simmons & Simmons LLP, discuss the key provisions of the Convention and assess the implications on national cyber and data privacy laws in Member States of the AU. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed