This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 13 Issue: 2
(February 2016)


The US House of Representatives passed, on 10 February 2016, the Judicial Redress Act 2015 (‘the Bill’), approving without objections, the amendment (‘the Amendment’) made by the Senate on 9 February 2016. The Amendment modifies the definition of ‘covered country’ thereby revising the scope of the right to redress available to citizens under the Bill. / read more

The Brazilian Ministry of Justice is conducting, between January and February 2016, a public consultation on the draft Internet Decree (‘the Draft’) which seeks to regulate the Civil Rights Framework for the Internet 2014 (Law no. 12.965). The Draft includes sections on net neutrality, online privacy and data retention, which companies must embrace when dealing with user’s data. / read more

The Italian Supreme Court (‘the Supreme Court’) published, on 4 February 2016, its ruling dismissing an appeal filed by Enel Energia s.p.a. and Reitek s.p.a., against a decision of the Italian data protection authority (‘Garante’) on the use of silent calls as part of their telemarketing strategy (‘the Ruling’). / read more


It is slightly ironic that after all the work that has gone into the European data protection reform, culminating in the agreement on the General Data Protection Regulation, the main compliance efforts taking place right now seem to be focused on the restrictions on international dataflows under the good old Data Protection Directive (95/46/EC). Expected or not, the Court of Justice of the European Union’s ruling declaring the invalidity of Safe Harbor as a lawful mechanism for data transfers, blew a massive hole in the compliance armour of the international business community, which we are still coming to terms with. Several months on from the ruling and while we eagerly wait for the regulators’ verdict on the EU-US Privacy Shield, it is perhaps a good time to take stock and lay down some inescapable facts affecting the reality of the situation. / read more

Following weeks of intense discussions between EU and US officials, it was announced, on 2 February 2016, that political agreement had been reached on a new framework for transAtlantic data flows. The announcement of the ‘EU-US Privacy Shield’ by the European Commission was the latest in a series of developments and reactions in the aftermath of the Court of Justice of the European Union’s (‘CJEU’) judgement on 6 October 2015 in the Schrems case, rendering Commission Decision 2000/520 on Safe Harbor invalid. William Long and Francesca Blythe, Partner and Associate respectively at Sidley Austin LLP, provide their insights into what is currently known regarding the Privacy Shield. / read more

Big Data represents a precious resource for businesses, but its exploitation requires the previous consideration of certain data protection questions, including the legal ground for data processing and profiling issues. Hannah Crowther, Associate at Bristows LLP, investigates the matter in light of the General Data Protection Regulation (‘GDPR’) framework. / read more

On 2 February 2016, the UK Information Commissioner’s Office (‘ICO’) published a revised Privacy Notices Code of Practice (‘the Code’)1, and also opened a consultation into its revised version of the Code2. The consultation closes on 24 March 2016. Laura Scaife, Solicitor at Addleshaw Goddard, examines the Code’s key themes and revisions. / read more

Lawyers routinely process personal data in their activity. Data security has become a major concern given the use of cloud services and the recent implementation of a telematic civil trial system. Massimiliano Pappalardo and Daniela De Pasquale, Partners at D&P Studio Legale, analyse the data protection and security issues lawyers face in their practice nowadays. / read more

The Netherlands has seen a number of developments regarding security and data protection in the past year, including the Dutch data protection authority’s (‘DPA’) increase in enforcement capabilities and the recently implemented and upcoming security and data breach legislation. According to Berend van der Eijk, Associate at Bird & Bird LLP, from a broader perspective, the Netherlands is making substantial efforts to be and remain on the forefront of data protection. The good news for companies is that this will vet them for later EU-wide legislation such as the General Data Protection Regulation (‘GDPR’) and the Network and Information Security (‘NIS’) Directive, while the downside is that companies who do not comply with these new requirements might face a harsher regime in the Netherlands. / read more

The UK Information Commissioner’s Office (‘ICO’) enforcement activity has been focused for some time now on unsolicited direct marketing, particularly so-called nuisance calls and texts. In 2015, the ICO fined ten companies a total of almost £1 million for making unsolicited calls. The ICO’s latest announcement is that it expects to “dish out another £1 million” before the financial year end. Nick Graham and Jane Bentham, Partner and Associate at Dentons respectively, examine the practical considerations for businesses which buy, rent or rely on marketing lists compiled by third parties. / read more

Cyber crime can be defined as criminal offences that are committed by using telecommunication networks or criminal activities that involve using information acquired online. The Korean National Policy Agency classifies cyber crime into cyber-terror-type crime and general cyber crime. Cyber-terror-type crime means attacks on telecommunication networks, such as hacking or spreading computer viruses, which involve sophisticated technical factors. General cyber crime encompasses a broad range of criminal activities, such as e-commerce fraud, phishing, computer program piracy, illegal internet sites and invasion of privacy. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed