Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.

EMA and HMA set up big data task force to establish roadmap on the use of big data in medicines assessment

Eveline Van Keymeulen

On 23 March 2017, the European Medicines Agency (EMA), together with the Heads of Medicines Agencies (HMA), established a new task force “to explore how medicines regulators in the EEA can use big data to support research, innovation and robust medicines development” in order to improve human and animal health.  The task force is composed Read More

BCRs under the GDPR: Practical considerations

Wanne Pemmelaar

Modern businesses increasingly depend on the free data flows between business units, customers and third parties. As new legislation and developments shake up the existing principles of cross- border data transfer, many internationally operating organisations turn to Binding Corporate Rules (BCRs). The BCRs can be a key element not only for the compliant cross-border data Read More

Article 29 Working Party adopts Guidelines on the “lead supervisory authority”

Peter van Dyck

One of the key innovations of the upcoming General Data Protection Regulation (GDPR) is the so-called one stop shop principle.  This principle aims to avoid companies that undertake cross-border processing of personal data finding themselves subject to a plurality of competent data protection authorities. Concretely, the GDPR provides that the data protection authority in the Read More

DPOs and the GDPR: Part 2 – Appointing a DPO

Ondrej Kramolis

In its newly published opinion, the Article 29 Working Party (WP29) provides some useful input into discussion on the nature of the role of data protection officers (DPOs) under the GDPR. This is a question which many organisations have been grappling with, as they assess who should take on this role. The WP29 considers the qualifications Read More

DPOs and the GDPR: Part 1 – When is a DPO needed?

Catherine di Lorenzo

On 16 December 2016, the Article 29 Working Party (WP29) released highly anticipated guidelines on some of the most critical matters in the implementation of the General Data Protection Regulation (GDPR). These guidelines are not legally binding, but local data protection authorities are likely to follow them.  The WP29 does invite comment on the guidelines Read More

ePrivacy laws – draft Regulation leaked

Charlotte Mullarkey

As anticipated, a draft of the proposed replacement EU ePrivacy law has been leaked. While this draft still appears to be under review, it does provide an interesting indication of what we are likely to see in the proposed legislation next month. Given the extent of discussion around this revision, and the attention given to Read More