Practice head(s): Claude-Etienne Armingaud
Source: Legal 500
The team at K&L Gates LLP has strong capabilities advising clients active in the areas of luxury goods, the metaverse and energy, on innovative technologies such as VR and augmented reality, in matters which are often cross-border in nature. It is also well-equipped to advise on e-commerce launches, GDPR due diligence reviews, and acquisition matters. The team, led by Claude-Etienne Armingaud, often works in collaboration with other global offices.
Practice head(s): Claude-Etienne Armingaud
(more…)Backed by a global network spanning five continents, the data protection, privacy and security group at K&L Gates LLP assists financial institutions and multinationals in mining, biotech (Anika Therapeutics), energy (Envision), home appliances (SharkNinja), pharmaceuticals (Ipsen), manufacturing (K&N Engineering), luxury goods and tech, on wide array of matters across the practice area. Headed by Claude-Etienne Armingaud, an expert in multi-jurisdictional transactional matters, dealing with IT outsourcing and data protection, the group also assists clients with GDPR compliance, data sharing agreements and data protection elements of M&A transactions.
Well, that’s a wrap on #DPI23 France!
Claude-Étienne Armingaud, CIPP/E, Partner, Data Protection Privacy and Security Practice Group Coordinator, K&L Gates
Gabriela Mercuri, Managing Director, SCOPE Europe
Jörn Wittmann, Director Privacy Legislative Strategy and Public Policy, Volkswagen AG
Codes of conduct overseen by accredited monitoring bodies are one of the breakthrough innovations introduced by EU General Data Protection Regulation. As part of its accountability framework, GDPR not only shifted the onus of demonstrative compliance, but also created the possibility for stakeholders to engage in co-regulatory practices. The goal was to allow the industry to support regulatory implementation by developing workable guidance to concretize the GDPR’s provisions. More flexible than other previously adopted compliance tools, CoCs generated high expectations, particularly in the wake of Schrems II, as a possible solution to address international data transfers and enable legal foreseeability. CoCs have not yet reached their full potential, with only a handful of national CoCs deployed and even less at the pan-European level. However, as the cloud ecosystem leads the way, this panel will explore the background of this sectoral success while highlighting CoC’s benefits, as well as their limitations.
What you will learn:
• How to understand the relevancy of CoCs in a post-GDPR, post-Schrems II era.
• What CoCs can bring to an ecosystem, as well as what they should not be pursued for.
• The future of international data transfers amid emerging data protection systems at global levels.
K&L Gates ranked “Highly Recommended, Band 2/2” with Claude-Etienne Armingaud.
Source: Leaders League
(more…)K&L Gates ranked “Highly Recommended – Band 1” with Claude-Etienne Armingaud.
Source: Leaders League
(more…)This survey follows the CNIL’s announcement on 24 November 2022 that it aims at “better understanding the economic challenges associated with the collection and processing of personal data in mobile applications” as part of its 2022-2024 strategic plan.
The CNIL considered data collection via mobile applications greatly lacks transparency as opposed to cookies collection on websites.
The expected inputs are to be used for the purpose of drafting recommendations to be submitted to public consultation during the second semester of this year.
Concurrently to its ever-active enforcement of website cookie framework, the CNIL also recently started going after mobile applications for their use of personal data, often leverage as a primary source of revenue for free-to-play mobile games. The most recent example being the French mobile game publisher Voodoo SAS, with a fine of EUR3 million for breach of user consent for targeted ads on 29 December 2022. Indeed, the CNIL considered that even when users did not consent to the tracking for advertising purposes, Voodoo still accessed the IDFV (Apple’s “IDentifier For Vendors” (“IDFV”) – an identifier assigned to app operators, which facilitates targeted advertising) and processed browsing information for advertising purposes, constituting a violation of French privacy law and the GDPR.
The CNIL now calls for economic contributions from experts, interest groups, regulatory entities and experienced private individuals in the field. The call for contributions closes on 10 February 2023. Contributions can be submitted by completing a questionnaire and/or a written statement at the following email address: ecodesapplis@cnil.fr.
All contributions will be covered by professional secrecy and will be published in the form of a synthetic and aggregated report.
First publication on Cyber Law Watch with Camille Scarparo.
