Armingaud Avocat

Blockchain & Data Protection: Trustless Should Not Mean Distrusted!

Amidst the international tidal wave caused by the entry into force of the EU General Data Protection Regulation (“GDPR”) in May 2018, many half, or even false truths have been spread about hindrance on a global scale of innovative technologies. However, we must keep in mind that Europe has adopted a long-standing position of technology-neutral regulations and data protection is no exception.

Indeed, from a GDPR perspective, no technology would be prohibited or regulated by nature – only its application to a specific purpose may be regulated, inasmuch as it involves personal data -whether relating to the participants and miners or the payload data itself- and falls within its broad geographical scope (see our previous Alert for more details).
(more…)

Adequacy Agreements, Legislation and Compliance in a GDPR World

While Capitol Hill is inundated with proposed privacy legislations from the Data Breach Prevention and Compensation Act (DBPCA), the CLOUD Act and the ENCRYPT Act, organizations the world over are trying to understand how to get their own regulations deemed adequate enough to ensure the flow of business in the EU, now that GDPR is a reality.
(more…)

The New EU-Japan Personal Data Deal: EU and Japan to Each Recognize the Other’s Personal Data Protection System as Equivalent – What It Means For Businesses and Next Steps

August 24th, 2018 | Posted by Claude-Etienne Armingaud in Europe | Privacy - (0 Comments)

On 17 July 2018, the European Union (the “EU”) and Japan reached an agreement to recognize each other’s data protections systems as “equivalent”, and each commits to complete internal procedures by fall 2018 (the “Data Agreement”). Once adopted, this will allow businesses to transfer personal data from the European Economic Area ¹⁾The EEA brings together the EU Member States and the three EFTA (European Free Trade Association) States (Norway, Liechtenstein and Iceland) into a … Continue reading(the “EEA”) to Japan and vice versa without being required to provide further additional safeguards for each transfer.

The Data Agreement concludes the two-year-long dialogue regarding mutual recognition of personal data protection regimes between the two parties, and it was issued along with the EU-Japan Economic Partnership Agreement, a long-awaited EU-Japan free trade deal. Prior to the final Data Agreement, in December 2017, the governments issued a joint statement to resolve issues essentially within the existing personal data protection framework to enable free data transfer between the two parties.
(more…)

References[+]

References
↑1	The EEA brings together the EU Member States and the three EFTA (European Free Trade Association) States (Norway, Liechtenstein and Iceland) into a single market that seeks to guarantee the free movement of goods, people, services and capital.

data protection, europe, GDPR, internet, privacy

Connecting the Dots: U.S. and International Issues and Regulatory Developments on Connected Cars/Autonomous Vehicles, K&L Gates / Access Partnership, Washington, D.C.

Mode information on K&L Gates website

The Laguiole trademark saga: Victory can be a double-edged knife

June 13th, 2017 | Posted by Claude-Etienne Armingaud in Case Law | Europe | Trademarks - (0 Comments)

The European Union Court of Justice confirmed the intellectual property rights owned by the French company “Forge de Laguiole”, but solely in areas in which it pursued an actual business activity.

A decision (Judgement dated 5 April 2017 of the Second Chamber of the EU Court of Justice, No C-598/14 “Szajner”) dated 5 April 2017 of the European Union Court of Justice (“EUCJ”) put an end to the longstanding series of court decisions about the Laguiole trademark before the European Union jurisdictions (“EU Jurisdictions”), on which relied the right for French company “Forge de Laguiole” to keep using its business name. This decision also gave the EUCJ the opportunity to clarify the application of national case law by the EU Jurisdictions within the framework of proceedings based on Article 8 (4) of Council Regulation (EC) No 207/2009 dated 26 February 2009 on the Community trade mark (the “Regulation”).

(more…)

competition

The ECJ Rules on the Compatibility with EU Law of Domestic Data Retention Requirements Imposed on Providers of Electronic Communications Services.

March 17th, 2017 | Posted by Claude-Etienne Armingaud in Case Law | Europe | IT | Privacy - (0 Comments)

After its invalidation of the data retention requirements imposed by Directive 2006/24/EC in its Digital Rights Ireland decision dated 8 April 2014, the ECJ was requested to assess the compatibility with the Directive 2002/58/EC (the “ePrivacy Directive”) and the Charter of Fundamental Rights of the European Union (the “CFREU”) of a domestic legislation mandating a general and indiscriminate obligation to retain traffic and location data, without prior judicial review, for purposes including the fight against crime.). The ECJ joined the two cases which had been submitted for review and issued its decision on 21 December 2016 (the “Decision”).
(more…)

data protection, europe, regulation

Globalization of Connected and Autonomous Cars – A Long and Winding Road?

March 11th, 2017 | Posted by Claude-Etienne Armingaud in Connected Cars | Europe | France | Legislation - (0 Comments)

The advent of autonomous cars represents a unique opportunity to rethink urbanism globally. Indeed, such a technological evolution will undoubtedly foster the development of a range of new offerings, such as car sharing and value-added opportunities, while at the same time ensure added safety on the roads at a time when traffic injuries remain the primary cause of death among people aged 15 to 29.

One direction in which this new paradigm could be expressed may be the decline of exclusive car ownership and the shift toward CaaS, or “Car-as-a-Service”. Autonomous cars could be shared among a community of subscribers and used on an as-needed basis, after which they could then park themselves outside of the urban landscape for battery-reloading purposes or when not in use.
Nevertheless, such an idealistic picture can only be achieved once all regulatory barriers have been lifted.
(more…)

big data, data protection, economy, europe, regulation

Experts concerned about legal gaps on autonomous cars

New China Article:

“However, the convention has been signed by 75 contracting countries only, said Claude-Etienne Armingaud, Paris partner at K&L Gates. One of the most notable absentees is the United States, he added.“
Read full article here.

New China Article:

connected car

French CNIL Reveals the Scope of its Connected Car “Compliance Package”

October 7th, 2016 | Posted by Claude-Etienne Armingaud in Connected Cars | Europe | France | Privacy - (0 Comments)

On 3 October 2016, during a conference organized by the French Comity of Car Manufacturers (“CCFA”) during the Paris Motor Show, Mrs. Sophie Nerbonne, the Compliance Director of the French Data Protection Authority (“Commission Nationale de l’Informatique et des Libertés” or “CNIL”), hosted a press conference in the ongoing fact-gathering for the CNIL’s “compliance package on connected vehicles” (link – in French) on the basis of the Act no. 78-17 dated 6 January 1978, relating to information technology, data files and civil liberties.