On October 18th and 19th, the second annual Privacy Shield assessment will be held. The discussions will unfold in a clearly less favorable context than when the Privacy Shield was created. This is reflected in the European Parliament’s resolution dated July 5th 2018, which called upon the Commission to suspend the Data Protection Shield until…

The deadline of 25 May has passed. The General Data Protection Regulation is henceforth applicable in the 28 Member States of the European Union but it also applies to external players who want to comply with protective provisions. On 21 June, the Parliamentary Agora@ of the FIC (International Cybersecurity Forum) was the opportunity to discuss the implications of…

In a study published last December upon the request of CEIS and Microsoft, we highlighted the implications that the so called “Microsoft Ireland Warrant Case”, opposing the U.S. government to Microsoft before the US Supreme Court, could have for personal data protection of European citizens and national digital sovereignty. The Supreme Court’s decision was expected…

  The GDPR includes the notion of “medical data” in its definition of personal data concerning health. How do your organisational processes respond to the imperatives of formalism and governance?  Health data is already required to meet many protection and management obligations in a broad sense. It falls into the realm of sensitive personal data….