🇺🇸 IAPP Data Protection Intensive France Global Developments: CCPA and Beyond

February 4th, 2020 | Posted by Claude-Etienne Armingaud in Conference | Data Transfer | Europe | France | internet | Legislation | Privacy | World - (0 Comments)

The California Consumer Privacy Act of 2018 (CCPA) stands to radically change the way organisations throughout the United States, and even the world, handle personal data. Coming into force on 1 January 2020, CCPA has motivated other U.S. states such as Washington and Texas to move toward having their own privacy laws. Increasingly, pressure is building in Washington, DC, to advance federal privacy legislation, both on the domestic and international scene. In addition to Japan obtaining a GDPR-adequacy recognition (followed soon by Korea and India), Brazil has adopted its General Data Protection Act (GDPA) which is heavily inspired by the EU GDPR and will come into force in August 2020. In this session, hear about the new laws and legislative initiatives, how they will change the way you do business internationally and how to get prepared.

Along with Delphine Charlot, CIPP/E, Senior Counsel, Privacy and Data Protection, Mastercard

🇺🇸 Key changes to the AV regulatory framework and their effect on AV developments in France and the EU, The Future of Transportation World Conference 2019

December 10th, 2019 | Posted by Claude-Etienne Armingaud in Artificial Intelligence | Conference | Connected Cars | France | IT | Legislation | Non classé | Privacy - (0 Comments)
On March 29, 2018, French President Emmanuel Macron announced his plan to turn France into a global leader in AI. This political leadership was subsequently translated into the Villani report on AI, highlighting autonomous vehicles (AVs) as a regulatory case study, and the Idrac report on AVs. Following these reports, the regulatory framework is currently being amended. This presentation will outline the key changes and how they will affect AV developments in France and in the EU.

More information on the Future of Transportation World Conference 2019 website.

The Privacist Volume 2

November 8th, 2019 | Posted by Claude-Etienne Armingaud in Privacy - (0 Comments)

EU: IAPP Europe Data Protection Congress 2019 and Paris Pre-congress KnowledgeNet Meeting

November will see several opportunities to discuss privacy matters in Europe and meet with The Privacist contributors within the K&L Gates’ platform, in connection with the International Association of Privacy Professionals (IAPP).

On 18 November 2019, K&L Gates Paris will be hosting an IAPP KnowledgeNet focusing on compliance audit procedures. Speakers will include a representative from the Conformity Department of the French Supervisory Authority (Commission Nationale de l’Informatique et des Libertés or CNIL), Elisabeth Fraikin (Group DPO, Ariane Group), Matthieu Camus (Privacy Impact), Damien Chaminade (Internal Audit Director), and Lucile Rolinet (Associate, K&L Gates). You can register for the free event here.

Between 18 and 21 November, the IAPP Europe Data Protection Congress 2019 will take place in Brussels. K&L Gates Brussels’ Natali Addison, as well as K&L Gates Paris Claude-Étienne Armingaud and E. Drouard will be delighted to meet with you if you are planning to attend!

(more…)

The Privacist Volume 1

October 8th, 2019 | Posted by Claude-Etienne Armingaud in Communication | Europe | France | Press | Privacy - (0 Comments)

Brexit: Deal Or No-Deal? Data is the Question
With the Brexit deadline looming ahead on 31 October 2019, the situation seemingly reaches new levels of uncertainty every day. Last week, the U.K. Supreme Court’s eleven judges unanimously ruled that Prime Minister Boris Johnson’s decision on 9 September 2019, to prorogue Parliament was “unlawful and void.” Parliament will therefore carry on its Brexit discussions…with now only thirty days left to finalise a deal. Although Parliament, while still in session, passed a law to extend the Brexit deadline, such an extension would still require approval by the EU.

So how should companies prepare, on either side of the Channel (and beyond), in the coming months for the more-likely-by-the-day-scenario of No-Deal?

(more…)

, , , ,

Regulating Connected and Autonomous Vehicles A Blueprint for an AI Legal Framework

October 4th, 2019 | Posted by Claude-Etienne Armingaud in Communication | Connected Cars | Ethics | Europe | France | IT | Legislation | Privacy - (0 Comments)
AV Regulation Publication

A French Revolution, at last?

Despite optimistic statements in 2016 on both sides of the Atlantic (in between the European Commission’s communication on connected cars for Europe, and the Obama administration’s Detroit Auto Show announcement), it would seem that some of the hype surrounding connected and autonomous vehicles (“CAVs”) faltered. One reason may be the desensitization of the general public, as the initially promised 2020 deployment is dawning without a hint of general commercial availability in sight. On the other hand, the intricacies of the regulatory frameworks at stake also hinder the development of consumer-ready offers.

More often than not, France is perceived as an administrative maze, yet may become (unexpectedly to some) a leader in the race to regulating this incoming industry. However, far more than being limited to the automotive industry, regulating CAVs will serve as the blueprint for an artificial intelligence (“AI”) legal framework.

(more…)

Leaders League Ranking 2019 Technologies, internet & telecommunications Data protection law France

June 1st, 2019 | Posted by Claude-Etienne Armingaud in Communication | France | Privacy - (0 Comments)

K&L Gates ranked “Excellent” with E. Drouard & Claude-Etienne Armingaud.

Source: Leaders League

, , , ,

Legal 500 Rankings 2019 Industry focus: Healthcare & Live Sciences Band 3

April 23rd, 2019 | Posted by Claude-Etienne Armingaud in Communication | France | Privacy - (0 Comments)

K&L Gates LLP‘s healthcare and life sciences offering covers corporate, IT, intellectual property and regulatory mandates within the sector under the leadership of Jean-Patrice Labautière. He recently assisted Axonics with its €35m fundraising from Gilde Healthcare and represented a bidder in the sale of a business division by a leading global healthcare company. While Nicola Di Giovanni focuses on corporate and private equity mandates, Claude-Etienne Armingaud collaborated with Labautière to advise a heavyweight healthcare player on the implementation of a startup acceleration programme for the development of new technology.


, , , , ,

Legal 500 Rankings 2019 Industry focus: IT, telecoms and the internet Band 2

April 23rd, 2019 | Posted by Claude-Etienne Armingaud in Communication | France | Privacy - (0 Comments)

At K&L Gates LLP, the IP, IT and privacy group encompasses the firm’s corporate and commercial offering in the technological space under the joint leadership of Claude-Etienne Armingaud and E. Drouard, whose ‘perfect mastery of the law, outstanding understanding of complex issues and personal courage‘ impresses clients. The group was recently instructed by three major transport companies to advise on the provision of WiFi services in their train and subway stations and airports. Drouard is currently advising BNP Paribas on the regulatory and transactional aspects of the development of a digital mobile wallet app, and Armingaud is assisting a utility provider with the implementation of a smart city hub. Also notable is the group’s work in the online marketing and advertising, connected device and new technology, and online distribution sectors.


European Data Protection Board Clarifies the Interplay Between the EU Clinical Trials Regulation and the General Data Protection Regulation

April 8th, 2019 | Posted by Claude-Etienne Armingaud in eHealth | Guidelines | Privacy - (0 Comments)

On 23 January 2019, the EU Data Protection Board (“EDPB” – the gathering of all European Union (EU) data protection authorities) adopted opinion no. 3/2019 (the “Opinion”) on the interplay between the Clinical Trials Regulation no. 536/2014CTR”) and the General Data Protection Regulation (“GDPR”). Anticipating the application of CTR (currently expected to occur in 2020) following the implementation of the EU portal and the EU database of the European Medicines Agency, the Opinion provides clarification on (i) the different legal bases for the processing of personal data operations related to a specific clinical trial, from commencement of the clinical trial until the deletion of personal data collected during the clinical trial (“Primary Use”); and (ii) the further use of the same personal data set for any other scientific purposes (“Secondary Use”). Without establishing a legal basis, no one can process the personal data needed to run a clinical trial or to use the personal data for other research.

(more…)

, ,

GDPR French Data Protection Authority Pronounced Its First Fine Under GDPR (And Biggest So Far)

January 22nd, 2019 | Posted by Claude-Etienne Armingaud in Case Law | France | Privacy - (0 Comments)

On January 21, 2019, the French Data Protection Authority (Commission Nationale de l’Information et des Libertés, or “CNIL”) published its first sanction rendered under the General Data Protection Regulation (“GDPR”).

Barely eight months after GDPR entered into force, and the subsequent group actions that were introduced in France, the CNIL followed in their footsteps its other European counterparts. However, while Portugal in July drew first against a hospital with a EUR 400,000 fines, the Austrian and German follow-ups, respectively for EUR 4,800 and 20,000 underwhelmed in contrast with the EUR 20 million, or 4% of the global turnover of a company (which ever the greatest) maximum fines allowed under GDPR.

Today’s CNIL decision nevertheless set the possible path for upcoming application of GDPR, by striking a EUR 50 million fine against Google LLC.

This sanction followed the group complaints formed by Maximilian Schrems’s association “None Of Your Business” (“NOYB” – already behind the cancellation of the Safe Harbor in 2015 and currently litigating against the Standard Contractual Clauses in Ireland) and La Quadrature du Net (“LQDN”), which received a mandate from 10,000 individuals to refer the matter to the CNIL.

The CNIL grounded its decision on the lack of transparency and inadequate information of the individuals in order to deem the consent regarding the ads personalization invalid.

On the one hand, the CNIL highlighted that the information of the data subjects was diluted in a myriad of documents while applying to a plurality of services at once (e.g. Google search, You Tube, Google Home, Google Maps, Playstore…). This did not allow the user to gain a “just perception of the nature and the volume of data collected.”

On the other hand, the consent-gathering mechanism was deemed inadequate to obtain the “specific” and “unambiguousconsent required for such data processing operations. The CNIL notably criticized the blanket acceptance of “the processing of [users’] information as described above and further explained in the Privacy Policy”, which, according to the Regulator, does not allow the users to opt-it to the each particular processing operation at stake without additional steps for the users to reach the required information.

This decision, in addition to be the first rendered by the CNIL under GDPR, will also in all likelihood be the last under the current Secretary General, Isabelle Falque-Pierrotin, who will be replaced on February 1st, after heading the CNIL since 2011.

, , , , , ,

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits, as well as some analytics by Google and social buttons. By clicking “Accept”, you consent to the use of ALL the cookies. You may also customize the selection
Cookie settingsACCEPT REJECT