by Matthias Horn// On 7th October US President Biden signed an Executive Order called “Enhancing Safeguards for United States Signals Intelligence Activities (E.O.)”. The E.O. is the first concrete legal step of the US Government to address the challenges on…
Supreme Court of Japan: Deletion of Tweets on Twitter
by Toshihiro Wada// The Supreme Court of Japan (SCJ) adjudicated for the first time on the deletion of tweets on Twitter which referred to the arrest of a specific individual.1 This article describes the new judgment of the SCJ. A.…
Should I pay or should I not?
by Barbara Schmitz // The economic significance of data-driven business models is obvious. The European Data Strategy estimates that the data economy will be worth EUR 829 billion in 2025. This would mean that the value would have almost tripled…
DMA and GDPR: A Boost for Enforcement or Incoming Conflicts?
by Christina Etteldorf// With the publication of the text reflecting the final agreement between the EU legislative bodies on the Digital Markets Act (DMA)1, we now have a pretty clear picture of what the regulation of so-called gatekeepers to protect…
Public Procurement and Schrems II: No public contract with US provider?
A Public Procurement Chamber excluded a tender from a Public Procurement procedure since the tenderer contracted an US provider processing personal data.1 The Chamber held a contractual clause, granting access to law enforcement agencies according to US law, is in…
EDPB: Guidelines on the calculation of fines
by Gerald Trieb und Roman Haller// The European Data Protection Board (EDPB) has recently issued guidelines on the calculation of administrative fines under the GDPR for public consultation. Therein, a five-step process is presented, according to which the calculation of…
Cookie Policy: To what extent are Spanish Public Entities obliged?
//by Xavier Seguí López// In regard to the January 2022 resolution of the EDPS against the European Parliament about the use of third-party analytical Cookies (Google Analytics) on its website about Covid-19 (https://europarl.ecocare.center/), I am going to discuss the current…
Canadian Privacy Law Reform and the GDPR: Keeping up with the Johans*
//by Else Khoury// Since the introduction of the GDPR in 2018, countries around the world have scrambled to update their privacy laws. The obvious reason for doing so is to ensure that their own privacy laws are equivalent to the…
Agreement “in principle” on Trans-Atlantic Data Flows
by Matthias Horn// On March 25th the EU Commission and the United States announced an agreement “in principle” on a new Trans-Atlantic Data Privacy Framework. The agreement aims to foster – or rather maintain – Trans-Atlantic personal data flows the…
Data transfer to Russia and China in times of crisis
Peter Hense und Bettina Blawert// In light of the “changed security policy situation” following Russia’s invasion of Ukraine, the Norwegian data protection regulator recently encouraged any company that exports personal data to Russia and Ukraine to review its practices to…