K&L Gates ranked “Recommended” with Claude-Etienne Armingaud.
Source: Leaders League
Author Archives: Claude-Etienne Armingaud
Technologies, internet & telecommunications – Internet – Ranking 2021 – Law firm – France
March 14th, 2021 | Posted by in IT | Rankings - (0 Comments) Leaders League Ranking 2021 – Technologies, internet & telecommunications – IT, software & digital projects – France
March 14th, 2021 | Posted by in IT | Rankings | Software - (0 Comments) Leaders League Ranking 2021 – Intellectual property – Brands, designs, and models – France
March 14th, 2021 | Posted by in Rankings | Trademarks - (0 Comments) K&L Gates ranked “Recommended” with Claude-Etienne Armingaud.
Source: Leaders League
GDPR/Data Scraping – A Clear Limitation by the French Data Protection Authority to Direct Marketing Practices
March 10th, 2021 | Posted by in eCommerce | France | Privacy - (0 Comments) The French Supervisory Authority (CNIL) wrapped up 2020 with a EUR 20,000 fine against NESTOR, a French food preparation and delivery company catering to office employees (see full Decision SAN-2020-018 in French).
The CNIL highlighted various breaches of the General Data Protection Regulation (GDPR) and the ePrivacy Directive regarding the processing of prospects and clients’ personal data by the CNIL, most notably:
- The lack of prior consent of the prospects to receiving direct marketing communication by electronic means, thereby violating Article L.34-5 of the French Post and Electronic Communications Code (CPCE);
- The failure to properly inform individuals (Article 12 and 13 GDPR) whether:
- Upon the creation of their account on the company’s platform, or
- Upon indirect collection through external sources;
- The failure to properly address Data Subjects’ Access Requests (DSAR – Article 15 GPDR).
While the fine is rather limited in view of the maximum potential amount of EUR 20 million or four percent of the turnover (whichever the greater), this decision presents an opportunity to examine web scraping and direct marketing practices, which are rapidly developing.
(more…)GDPR – English High Court Examines Extent of GDPR’s Extraterritorial Jurisdiction
March 5th, 2021 | Posted by in Brexit | Case Law | Europe | Privacy - (0 Comments) When the General Data Protection Regulation (“GDPR” – external source) came into force throughout the European Union nearly three years ago, one of its most eye-catching features was its extraterritorial jurisdiction provisions. These extend the reach of the GDPR to businesses located outside the European Union who offer goods or services to EU residents or who monitor the behavior of EU residents (See Art. 3(2)(a) and (b) GDPR).
Under the threat of becoming liable for a breach of the GDPR and potential fines of up to €20m or four percent of global turnover (whichever the higher), many businesses based in the United States and other locations outside the European Union have simply taken a stance of refusing to deal with EU residents, including taking measures such as geo-blocking websites to EU-based visitors. Other businesses, in the United States and elsewhere, have found themselves contemplating whether they might be subject to the GDPR and how to react merely because they have made a new EU-based business connection, acquired the contact details of a potential customer in the European Union, or even become aware that an employee at a customer organization had moved to the European Union.
A court in the United Kingdom has now considered the limits of extraterritorial jurisdiction of the GDPR, which may provide some reassurance to overseas businesses that limited contact with EU residents via a website may not necessarily lead to them being subject to the GDPR.
(more…)Global Data Review: Introducing the GDR 100
January 25th, 2021 | Posted by in Privacy | Rankings | World - (0 Comments) This article names K&L Gates among Global Data Review’s inaugural GDR 100, a ranking of the world’s best data law firms. The GDR 100 is the only global ranking that captures the capabilities, track record, and market reputation of the leading firms in the field. The ranking is based on in-depth submissions submitted by hundreds of law firms around the world, and profiles K&L Gates lawyers including Melbourne partner Cameron Abbott and Paris partner Claude-Etienne Armingaud. Read the article here (subscription required).
GDPR/Brexit – Brexit and European Data Protection – For Auld Lang Syne, My Dear!
January 20th, 2021 | Posted by in Data Transfer | Privacy - (0 Comments) The European Union (EU) and the United Kingdom (UK) finally came to an agreement on 24 December 2020 (EU-UK Trade and Cooperation Agreement, the Agreement), less than ten days after the European Data Protection Board (EDPB) published a statement on the consequences a no-deal situation would have on the flows of personal data between the EU and the UK (for previous coverage of General Data Protection Regulation (GDPR) and Brexit, please see our alert here). This statement has since been updated on 13 January 2021.
(more…)GDPR/Brexit – Brexit, GDPR, and the Timeline for Data Breaches
January 19th, 2021 | Posted by in Data Breach | Data Transfer | Europe | Privacy - (0 Comments) As of 1 January 2021, the Brexit transition period (Transition Period) ended, and the United Kingdom (UK) officially finalized its exit from the European Union (EU) and the 11th-hour commercial agreement (Agreement) should allow for a smoother transition on the data protection front as the General Data Protection Regulation (GDPR) stops being directly applicable to the UK. It also provided the UK with a six-month grace period to hope for an adequacy decision that would allow for the free transfer of personal data from the EU to the UK.
As the European Data Protection Board (EDPB) amended on 13 January 2021 its Brexit communications² further to the Agreement (Communications), it only addresses:
- The issue of data transfers from the EU to the UK;
- The end of the One-Stop-Shop (OSS) mechanism for the UK; and
- The need for UK entities that would be subject to GDPR to appoint a representative further to Art. 27 GDPR.
However, aside from enacting the end of the OSS and commenting that “the EDPB has been liaising with the ICO [Information Commissioner’s Office, the UK’s Supervisory Authority] over the past months in order to enable a smooth shift to this new situation by ensuring that the EEA authorities follow a shared and efficient approach in handling the existing complaints and cross-border cases involving the ICO, whilst minimizing delays and possible inconveniences to affected complainants[,]” the EDPB did not comment on how such collaboration will effectively play out for companies whose lead Supervisory Authority was the ICO.
Read the full article on Radar First blog.
- Adoption of the minutes and of the agenda, Information given by the Chair
- Minutes of the 42nd EDPB meeting
- Draft agenda of the 43rd EDPB meeting
- Consistency mechanism, Guidelines and EDPB
- Key Provision ESG
- Guidelines on restrictions under Article 23 GDPR
- Financial Matters ESG
- Guidelines 06/2020 on the interplay of the Second Payment Services Directive and the GDPR (after public consultation)
- International Transfer ESG
- Guidelines 2/2020 on articles 46 (2) (a) and 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies (after public consultation)
- Key Provision ESG
- Current Focus of the EDPB Members
- Data Governance Act COM (2020) 767 proposal – presentation by European Commission
- Information about the European Commission request for a joint EDPS-EDPB opinion regarding the Data Governance Act
- EDPB Strategy
- Support Pool of Experts
- Request for information from the European Commission regarding Brexit state of play (end of transitional period as well as the impact on EU-UK data flows and further information on possible adequacy decisions)
- Information note on data transfers under the GDPR to the United Kingdom after the Brexit transition period
- FOR DISCUSSION AND/OR ADOPTION – Expert Subgroups and Secretariat
- Cooperation ESG
- [BREXIT] Involvement of the UK SA in cooperation and consistency mechanisms
- Review of the internal documents on local cases
- Handling cross border complaints against public bodies or authorities – request for mandate
- Guidelines on handling complaints: revision of the mandate – request for mandate
- Compliance, e-Government and Health ESG
- Guidelines on certification criteria assessment – request for mandate
- Financial Matters ESG
- Statement on the protection of personal data processed in relation with the prevention of money laundering and terrorist financing
- International Transfers ESG
- Art. 64 GDPR Opinion on the draft decision of the Dutch Supervisory Authority regarding the Controller Binding Corporate Rules of Equinix
- Compliance, e-Government and Health ESG
- Stakeholder event on processing of data for medical and scientific research purposes – request for mandate
- Technology ESG
- Guidelines on anonymisation / pseudonymisation – request for mandate
- EDPB Secretariat
- 2021 February plenary
- Survey future meetings post COVID
- Cooperation ESG
- Any other business
Copyright © 2025 All rights reserved.
Designed by 