For the past 15 years, this Safe Harbor framework gave privileged status to U.S. companies, allowing for such entities to “self-certify” that they complied with privacy standards negotiated between the European Commission and the United States Department of Commerce under the Clinton Administration in 1999, and were viewed as “adequate” by the EU. Effective immediately, today’s ruling may force all of the 4,400 U.S. entities that currently relying on the Safe Harbor to access the data of their EU partners and subsidiaries, to seek alternate modes of data transfer or risk non-compliance with EU data protection requirements.
(more…)
🇺🇸 Sapin II – Organisational Risk and Crisis Management, K&L Gates Paris Conference, Paris
June 15th, 2017 | Posted by in Anticorruption | Conference | Legislation | Privacy - (0 Comments)Guidelines on the right to data portability
April 5th, 2017 | Posted by in Europe | Guidelines | Privacy - (0 Comments)Adopted on 13 December 2016 – As last Revised and adopted on 5 April 2017
Executive summary
Article 20 of the GDPR creates a new right to data portability, which is closely related to the right of access but differs from it in many ways. It allows for data subjects to receive the personal data that they have provided to a controller, in a structured, commonly used and machine-readable format, and to transmit those data to another data controller. The purpose of this new right is to empower the data subject and give him/her more control over the personal data concerning him or her.
Since it allows the direct transmission of personal data from one data controller to another, the right to data portability is also an important tool that will support the free flow of personal data in the EU and foster competition between controllers. It will facilitate switching between different service providers, and will therefore foster the development of new services in the context of the digital single market strategy.
This opinion provides guidance on the way to interpret and implement the right to data portability as introduced by the GDPR. It aims at discussing the right to data portability and its scope. It clarifies the conditions under which this new right applies taking into account the legal basis of the data processing (either the data subject’s consent or the necessity to perform a contract) and the fact that this right is limited to personal data provided by the data subject. The opinion also provides concrete examples and criteria to explain the circumstances in which this right applies. In this regard, WP29 considers that the right to data portability covers data provided knowingly and actively by the data subject as well as the personal data generated by his or her activity. This new right cannot be undermined and limited to the personal information directly communicated by the data subject, for example, on an online form.
As a good practice, data controllers should start developing the means that will contribute to answer data portability requests, such as download tools and Application Programming Interfaces. They should guarantee that personal data are transmitted in a structured, commonly used and machine-readable format, and they should be encouraged to ensure the interoperability of the data format provided in the exercise of a data portability request.
The opinion also helps data controllers to clearly understand their respective obligations and recommends best practices and tools that support compliance with the right to data portability. Finally, the opinion recommends that industry stakeholders and trade associations work together on a common set of interoperable standards and formats to deliver the requirements of the right to data portability.
🇺🇸 K&L Gates Assembles IoT & Connected Car Panel at #GMIS2017
March 28th, 2017 | Posted by in Communication | Conference | Connected Cars | Legislation | Privacy - (0 Comments)K&L Gates assembled a great panel on March 28 during the Global Manufacturing and Industrialisation Summit (#GMIS2017) at Paris-Sorbonne University Abu Dhabi, including David Bell, Mohammed Omar, Mark Beer OBE, Arthur Artinian, Claude-Etienne Armingaud and William Reichert, to discuss the legal and regulatory issues relating to the Internet of Things (IoT), Industrial Internet of Things (IIoT) and Connected Cars
#GMIS2017 IoT & Connected Car panel with K&L Gates
The ECJ Rules on the Compatibility with EU Law of Domestic Data Retention Requirements Imposed on Providers of Electronic Communications Services.
March 17th, 2017 | Posted by in Case Law | Europe | IT | Privacy - (0 Comments)After its invalidation of the data retention requirements imposed by Directive 2006/24/EC in its Digital Rights Ireland decision dated 8 April 2014, the ECJ was requested to assess the compatibility with the Directive 2002/58/EC (the “ePrivacy Directive”) and the Charter of Fundamental Rights of the European Union (the “CFREU”) of a domestic legislation mandating a general and indiscriminate obligation to retain traffic and location data, without prior judicial review, for purposes including the fight against crime.). The ECJ joined the two cases which had been submitted for review and issued its decision on 21 December 2016 (the “Decision”).
(more…)
🇫🇷 La veritable Privacy by design, Conference Automobile Connectee – Journal de l’Automobile, Paris
March 2nd, 2017 | Posted by in Conference | Connected Cars | France | Privacy - (0 Comments)French CNIL Reveals the Scope of its Connected Car “Compliance Package”
October 7th, 2016 | Posted by in Connected Cars | Europe | France | Privacy - (0 Comments)On 3 October 2016, during a conference organized by the French Comity of Car Manufacturers (“CCFA”) during the Paris Motor Show, Mrs. Sophie Nerbonne, the Compliance Director of the French Data Protection Authority (“Commission Nationale de l’Informatique et des Libertés” or “CNIL”), hosted a press conference in the ongoing fact-gathering for the CNIL’s “compliance package on connected vehicles” (link – in French) on the basis of the Act no. 78-17 dated 6 January 1978, relating to information technology, data files and civil liberties.
(more…)Leaders League Ranking 2016 – New Technologies – Internet – France
July 11th, 2016 | Posted by in IT | Privacy | Rankings - (0 Comments)K&L Gates ranked “Highly Recommended” with E. Drouard & Claude-Etienne Armingaud by Leaders League.
Source: No longer publicly available
Legal 500 2016 – EMEA Ranking – Industry focus: IT, telecoms and the internet – Band 3
April 11th, 2016 | Posted by in Blockchain | Communication | Connected Cars | eCommerce | Europe | IT | Privacy | Rankings | Software | Trusted Services and eSignature - (0 Comments)K&L Gates is ranked in the Industry focus: IT, telecoms and the internet ranking as Band 3
“Headed by E. Drouard, K&L Gates LLP’s six-lawyer team assists major companies with digital transformation, outsourcing matters and IT systems integration. It also advises on cutting-edge data protection matters. Altarea-Cogedim Group and Voyages-SNCF.com are clients, as are a number of luxury goods manufacturers and advertising groups. Senior associate Claude-Etienne Armingaud is another name to note.”
Source: Legal 500 EMEA
Automated Vehicles – Comparative views across the Pond
January 29th, 2016 | Posted by in Connected Cars | Europe | Privacy - (0 Comments)While the Obama administration just announced that the financing of the autonomous car would be one of its last projects during the Detroit Auto Show, the research services from the European Parliament also published a prospective note on a similar topic.
The two projects share a same ambition: reduce the death toll on the roads as well as energy consumption. (more…)
Did the ECJ Kill the Safe Harbor Framework on E.U.-U.S. Data Transfers?
October 6th, 2015 | Posted by in Case Law | Data Transfer | Europe | Privacy - (0 Comments)On October 6, 2015, the European Court of Justice (“ECJ”) ruled in the “Schrems”case that the U.S.-EU Safe Harbor framework on the transfer of personal data from Europe to the United States, was invalid.
Copyright © 2025 All rights reserved.
Designed by 