Data sharing

Allen & Overy updates UK data protection App “Access Assist”

Nigel Parker

Whilst most data privacy specialists are understandably focused on moving towards compliance with the GDPR, it is important not to lose sight of existing challenges. One particular challenge among them, for many, is dealing with data subject access requests. These requests are a perennial problem for many businesses, often made by disgruntled employees or customers Read More

No Comments

What hangs in the balance in Microsoft’s win against the U.S. government?

Keren Livneh

On July 14, 2016, the Court of Appeals for the Second Circuit reversed a District Court decision ordering Microsoft to comply with a warrant issued in a U.S. narcotics trafficking investigation to produce a customer’s web-based emails, stored exclusively on servers in Ireland. The Second Circuit held that the Stored Communications Act (SCA), under which Read More

No Comments

In a privacy paradigm shift, Microsoft sues the US government.

Keren Livneh

On April 15, 2016, Microsoft filed suit against the U.S. Department of Justice and Attorney General in the Western District of Washington (where Microsoft is headquartered), seeking a declaration that a provision of the Electronic Communications Privacy Act is unconstitutional on the basis that it prohibits Microsoft from notifying its customers when a warrant is Read More

No Comments

Privacy by design – is there such a thing as too much?

Karishma Brahmbhatt

Privacy by design has been one of the buzzwords of the General Data Protection Regulation (GDPR), with the Regulation going so far as to say that “in order to be able to demonstrate compliance with this Regulation, the controller should adopt internal policies and implement measures which meet in particular the principles of data protection Read More

No Comments

A leap forward for the EU-US Privacy Shield

Nigel Parker

Taking advantage of our extra day this month, the European Commission has today issued a press release summarising the steps taken to restore trust in transatlantic data flows following the 2013 surveillance revelations and the 2015 judgment of the CJEU in the Schrems case. The press release is accompanied by a draft “adequacy decision” as Read More

No Comments

Practical steps for navigating data protection issues in cross-border regulatory investigations

Nigel Parker

Regulators, courts and law enforcement authorities in the US (and other jurisdictions around the globe) have developed an insatiable appetite for access to data – including personal data – held by financial institutions. Such data is often not held in the jurisdiction where the regulator is requesting it. Where this is the case, financial institutions Read More

No Comments