General Data Protection Regulation

Adtech tête-à-tête

Karishma Brahmbhatt

Complying with GDPR’s transparency and consent requirements causes a headache for the adtech industry. Since the dawn of the GDPR-era almost ten months ago, the Adtech industry has found itself the privacy equivalent of Pantone’s Color of the year. During their relatively short stint under the GDPR microscope, adtech players have already seen: 1. Web Read More

No Comments

EDPB adopts an opinion on the GDPR and Clinical Trials Regulation –clarifying the basis for processing personal data in a clinical trial context

Emma Keeling

On the 23 January 2019, the European Data Protection Board (the EDPB) adopted an opinion on the interplay between the EU Clinical Trials Regulation (536/2014) (the CTR) and the General Data Protection Regulation (2016/679) (the GDPR) (the Opinion). The Opinion aims to provide greater certainty for those conducting clinical trials, clarifying: • the distinction between Read More

No Comments

German antitrust authority restricts Facebook’s processing of user data

Catharina Glugla

On 7 February 2019 the German antitrust authority (Bundeskartellamt) found that the extent to which Facebook collects, merges, attributes to and uses data in user accounts amounts to an abuse of a dominant position on the market for social networks. Under Facebook’s current terms and conditions, users have to agree to Facebook: (1) collecting user Read More

No Comments

What impact is GDPR having on M&A deals?

Nigel Parker

Data protection issues feature increasingly in mergers and acquisitions.  This is driven by a range of factors, including in particular the growing realisation of the value of personal data to a business as well as more widespread appreciation of the risks involved in processing personal data.  The GDPR has acted as a catalyst and data Read More

No Comments

ICO Brings Some Welcome Clarification to the GDPR’s International Transfer Rules

David Smith

One of the challenges thrown up by the GDPR is understanding the interrelation between the extra-territorial scope provisions in Article 3 and the restrictions on international transfer in Chapter V. How, for example, do the international transfer restrictions apply, if they apply at all, to a data controller that has no presence in the EU Read More

No Comments

ICO guidance on data protection fees – notification is dead, long live registration

Charlotte Mullarkey

To coincide with the implementation of the General Data Protection Regulation (GDPR), the UK data protection authority, the Information Commissioner’s Office (the ICO) has issued guidance on the new proposed fee arrangement for the registration of data controllers in the UK. Assuming this proposal is approved by Parliament, the new ‘data protection fee’ will come Read More

No Comments