After its invalidation of the data retention requirements imposed by Directive 2006/24/EC in its Digital Rights Ireland decision dated 8 April 2014, the ECJ was requested to assess the compatibility with the Directive 2002/58/EC (the “ePrivacy Directive”) and the Charter of Fundamental Rights of the European Union (the “CFREU”) of a domestic legislation mandating a general and indiscriminate obligation to retain traffic and location data, without prior judicial review, for purposes including the fight against crime.). The ECJ joined the two cases which had been submitted for review and issued its decision on 21 December 2016 (the “Decision”).
(more…)

On 3 October 2016, during a conference organized by the French Comity of Car Manufacturers (“CCFA”) during the Paris Motor Show, Mrs. Sophie Nerbonne, the Compliance Director of the French Data Protection Authority (“Commission Nationale de l’Informatique et des Libertés” or “CNIL”), hosted a press conference in the ongoing fact-gathering for the CNIL’s “compliance package on connected vehicles” (link – in French) on the basis of the Act no. 78-17 dated 6 January 1978, relating to information technology, data files and civil liberties.

(more…)

K&L Gates ranked “Highly Recommended” with E. Drouard & Claude-Etienne Armingaud by Leaders League.

Source: No longer publicly available

K&L Gates is ranked in the Industry focus: IT, telecoms and the internet ranking as Band 3

Headed by E. Drouard, K&L Gates LLP’s six-lawyer team assists major companies with digital transformation, outsourcing matters and IT systems integration. It also advises on cutting-edge data protection matters. Altarea-Cogedim Group and Voyages-SNCF.com are clients, as are a number of luxury goods manufacturers and advertising groups. Senior associate Claude-Etienne Armingaud is another name to note.”

Source: Legal 500 EMEA

While the Obama administration just announced that the financing of the autonomous car would be one of its last projects during the Detroit Auto Show, the research services from the European Parliament also published a prospective note on a similar topic.

The two projects share a same ambition: reduce the death toll on the roads as well as energy consumption. (more…)

On October 6, 2015, the European Court of Justice (“ECJ”) ruled in the “Schrems”case that the U.S.-EU Safe Harbor framework on the transfer of personal data from Europe to the United States, was invalid.

Big data.” For nearly a year, marketers and CRM specialists have been more than fond of this new expression to the point of devoting several special editions of their publications to the topic.

If this neologism tends to scare the general public by its phonetic and philosophical proximity with its Orwellian bigger brother, the concept only pursues the developments initiated in the 90s through “data mining.” At that time, groups of data seemingly lacking causal or correlative relationships were subjected to mathematical analysis in the hope of discovering links between aggregated individual behaviors.

While some findings were limited to stating the obvious (such as the increased sales of appetizer upon promoting aperitif drinks), these new mathematical models allowed marketing teams to quantify the actual impact of promotions within the realm of distribution.

Other findings, however, were able to uncover less obvious ties, such as a correlation between the purchase of beer and of diapers for children by male shoppers.

These new steps in consumerism were however limited by the then-existing technology: the power of computers at the time, the introduction of data into the system and the processing time made the analysis relevant solely as a background strategy and for the emergence of certain statistical behavioral typologies, but does not allow any analytical granularity, or a real-time view. In addition, costs associated with material and human resources necessary for such analyzes prevented its access to a large crowd of users.

Nearly twenty years later, while technology has evolved in accordance with Moore’s Law, the consecration of Big Data has mainly be possible thanks to a double behavioral factors from the subjects / objects of the data analysis. Indeed, the raw material of big data remains the individuals. But those individuals have not only moved their habits to a digital world, facilitating the capture of data, but also opened up to the sharing their data in this paperless world.

It would seem that this created a data paradox: people have never advertised so freely their private life and personal data and, at the same time, the proposed revision of the EU regulatory framework for the processing personal data has seen a rarely-encountered level of lobbying. And so, today, a consumer association puts the main players of the social networking sphere on the grill, demanding that they explain their abstract contractual relationships with their users. And at the same time, the same users do not seem ready to give up the online sharing of their individual moments.

In our opinion, this view is not as paradoxical as it seems. It is instead the result of the confidence that these same users in how their lives are used for other purposes than just sharing with a selected group of recipients. After all, if the service is free, the money must be found elsewhere. The aphorism goes on to state that the user should then be the product, but it could also be that the user is consciously aware of its own value in this exchange.

When the exchange appears as too unbalanced, the consumer will not hesitate to revise to the economy of this contract and leave the relationship, bringing along his value.

Trust is therefore the core engine of data analysis.

This statement may seem conclusive. However, looking at the legal and regulatory obligations bearing on those in charge of data processing, it seems clear that such obligations mainly includes good conduct and transparency undertakings, with both individuals and the regulator. For instance, the core requirements set forth by the French Data Protection Authority (CNIL, Commission Nationale de l’Informatique et des Libertés) reside primarily in disclosure requirements for individuals and reporting to a publicly accessible register maintained by the regulator.

And this is probably where the issue lies with regards to Big Data. The data sets have reached extravagant sizes and the service providers and experts are bragging loudly about their ability to assist in the navigation on these oceans of bits. If their capacity to create real value in these dizzying well, it should not be forgotten that their expertise comes from data-hungry mathematical and algorithmic models. The temptation remains to feed these models in order to increase the service providers’ relevance from the data collected on behalf of their client.

When the flow of data becomes less transparent, without the knowledge of individuals or of such service providers’ customers, the implosion of the whole system is to be expected soon.

Without questioning the actual benefits of Big Data for all CRM actors, including the customers themselves (more than happy to receive offers truly relevant to their personal interests), the chain of trust must be maintained all along in order not to break the fragile ecosystem. The best policy must reside in a rational and coordinated approach by the classical actors of a new issue, and ensure that the multiplication of “Chief Data Officers” in multiple actors do not come at the expense of “Chief Privacy Officers”, acting as a legal safeguard against marketing sirens.

Indeed, a point of no return could be reached when Big Data, surpassing Big Brother, will not even need to analyze the present behavior to predict the future. And that point of no return has been reached last year by Target.