Privacy Shield – (some of) what you need to know

What is it? Despite the name, it’s not a feminine hygiene product. It’s the long-awaited replacement for Safe Harbour, the data protection scheme allowing data on EU citizens to be exported to the US for processing. You can read more on this blog about why Safe Harbour needed replacing. When does it take effect? It … Continue reading Privacy Shield – (some of) what you need to know

General Data Protection Regulations – the headlines

What are the GDPR? New regulations that are presently expected to come in to force in 2018, governing how companies operating in the EU deal with the personal data of EU residents. What is personal data? Any information that may be used to single out an individual. This is a broader definition than the one … Continue reading General Data Protection Regulations – the headlines

Left hand, right hand, other hand – what a mess!

Still chewing through the GDPR, so that’ll have to wait. In the meantime, more evidence that the nicest word we can use to describe the current state of data protection in Europe is…disconnected. First we have the European Commission desperately trying to reach an accommodation with the US on Safe Harbour after the European Court … Continue reading Left hand, right hand, other hand – what a mess!

Wake up! Safe Harbour is still dead. (Where’s your data – oh no, not more of this)

The Safe Harbour problem isn’t going away. I know, I know, you’re bored now. TL;DR and all that. Well, sorry, but I find this stuff interesting, and you should too. Why? Because it looks like February 2016 is when things will get nasty. Nasty how? Expensively. It’s all still opinion, but after the Germans weighed … Continue reading Wake up! Safe Harbour is still dead. (Where’s your data – oh no, not more of this)

Death of the internet or birth of better privacy?

Microsoft and Amazon have both revealed that they are building data centres in the EU. In Microsoft’s case, Deutsche Telekom will be the data “trustee”; I assume this is in part an anticipatory response to the ongoing Stored Communications Act lawsuit presently in progress in Dublin (in brief, a case to determine whether US government … Continue reading Death of the internet or birth of better privacy?

Schrems and Safe Harbour – it gets worse (where’s your data second reprise)

So this month we’ve seen the ECJ torpedo the Safe Harbour agreement which allows businesses handling personal data on EU citizens to transfer it to the US. I wrote about it here and here. The immediate effect was for affected businesses to look for other ways to legitimise carrying on as they had before, such … Continue reading Schrems and Safe Harbour – it gets worse (where’s your data second reprise)

Safe Harbor is officially dead. Now what? (Where’s your data: reprise)

A few days ago, I wrote about European Court of Justice Advocate General Yves Bot. He had decided that Facebook shouldn't have transferred data about an Austrian student to its US data centres. At the time, this was just an opinion. Now it's an official ruling by the ECJ. This is where it gets interesting. … Continue reading Safe Harbor is officially dead. Now what? (Where’s your data: reprise)