Category Archives: Europe

Subscribe to Europe RSS Feed

Assessing GDPR Guidelines Part II: Data Impact Assessments

Following up on yesterday’s blog about profiling and automated decision making, we now look at guidance on data protection impact assessment (DPIA). The same guidance we discussed also directs companies to conduct a DPIA where profiling or automated decision making results in the “systematic and extensive evaluation” of an individual and decisions are made based … Continue Reading

Assessing GDPR Guidelines Part I: Profiling and Automated Decision Making

The Article 29 Data Protection Working Party recently issued guidelines on how to handle profiling and automated decision making under the General Data Protection Regulation. Under GDPR, “profiling” means the automated collection of personal information in order to evaluate personal aspects about an individual. For example, companies may use profiling to predict individuals’ spending habits, targeting … Continue Reading

EU Concludes Privacy Shield Still Adequate

In the much anticipated first annual review of the EU-US Privacy Shield program, the European Commission concluded that the program continues to provide adequate protection for personal information transferred from Europe to the United States. The Privacy Shield lets EU entities send personal information to participating US companies without running afoul of EU law – law … Continue Reading

EU-US Privacy Shield: Brace Yourself . . . or Maybe Not

On February 29, 2016, the European Commission and United States released the terms of the much-anticipated renewed framework for the transfer, sharing, and processing of European individuals’ data to the United States. The framework replaces the “Safe Harbour” mechanism, which enabled U.S. companies to transfer data from the EU to the United States by self-certifying … Continue Reading
LexBlog