On 17 October 2017, after about 18 months of waiting, a consultation involving more than 20 players, and two intermediate versions, the French Data Protection Authority (“Commission Nationale de l’Informatique et des Libertés” or “CNIL”) has released the final version of its “compliance package” on Connected Cars (“Compliance Package”).
(more…)The French Connected Cars “Compliance Package” in EU Pole Position
October 19th, 2017 | Posted by in Connected Cars | France | Privacy - (0 Comments) GDPR – New Consultations for GDPR Interpretation Initiated by French Data Protection Authority on the Concepts of ”Transparency” and ”International Data Transfers”
October 16th, 2017 | Posted by in France | Privacy - (0 Comments) In June 2017, the Article 29 Working Party – the gathering the all Member States’ Data Protection Authorities (DPAs) – announced that the five last guidelines to be adopted as companion pieces to the General Data Protection Regulation (“GDPR”) would be published in December 2017. Further to this announcement, the French DPA, the CNIL, is now seeking the contributions of the relevant stakeholders impacted by two out of five topics, whether they be sole or joint “data controllers”, “data processors” or “data subjects”.
(more…)
What effect will disruptive mobility technology and new personal transportation options have on business models and strategies for automotive manufacturers, The Future of Transportation World Conference
July 6th, 2017 | Posted by in Conference | Connected Cars | Intellectual Property | IT | Privacy | Software | Trusted Services and eSignature | World - (0 Comments) Sapin II – Organisational Risk and Crisis Management, K&L Gates Paris Conference, Paris
June 15th, 2017 | Posted by in Anticorruption | Conference | Legislation | Privacy - (0 Comments) Guidelines on the right to data portability
April 5th, 2017 | Posted by in Europe | Guidelines | Privacy - (0 Comments) Adopted on 13 December 2016 – As last Revised and adopted on 5 April 2017
Executive summary
Article 20 of the GDPR creates a new right to data portability, which is closely related to the right of access but differs from it in many ways. It allows for data subjects to receive the personal data that they have provided to a controller, in a structured, commonly used and machine-readable format, and to transmit those data to another data controller. The purpose of this new right is to empower the data subject and give him/her more control over the personal data concerning him or her.
Since it allows the direct transmission of personal data from one data controller to another, the right to data portability is also an important tool that will support the free flow of personal data in the EU and foster competition between controllers. It will facilitate switching between different service providers, and will therefore foster the development of new services in the context of the digital single market strategy.
This opinion provides guidance on the way to interpret and implement the right to data portability as introduced by the GDPR. It aims at discussing the right to data portability and its scope. It clarifies the conditions under which this new right applies taking into account the legal basis of the data processing (either the data subject’s consent or the necessity to perform a contract) and the fact that this right is limited to personal data provided by the data subject. The opinion also provides concrete examples and criteria to explain the circumstances in which this right applies. In this regard, WP29 considers that the right to data portability covers data provided knowingly and actively by the data subject as well as the personal data generated by his or her activity. This new right cannot be undermined and limited to the personal information directly communicated by the data subject, for example, on an online form.
As a good practice, data controllers should start developing the means that will contribute to answer data portability requests, such as download tools and Application Programming Interfaces. They should guarantee that personal data are transmitted in a structured, commonly used and machine-readable format, and they should be encouraged to ensure the interoperability of the data format provided in the exercise of a data portability request.
The opinion also helps data controllers to clearly understand their respective obligations and recommends best practices and tools that support compliance with the right to data portability. Finally, the opinion recommends that industry stakeholders and trade associations work together on a common set of interoperable standards and formats to deliver the requirements of the right to data portability.
K&L Gates Assembles IoT & Connected Car Panel at #GMIS2017
March 28th, 2017 | Posted by in Communication | Conference | Connected Cars | Legislation | Privacy - (0 Comments) K&L Gates assembled a great panel on March 28 during the Global Manufacturing and Industrialisation Summit (#GMIS2017) at Paris-Sorbonne University Abu Dhabi, including David Bell, Mohammed Omar, Mark Beer OBE, Arthur Artinian, Claude-Etienne Armingaud and William Reichert, to discuss the legal and regulatory issues relating to the Internet of Things (IoT), Industrial Internet of Things (IIoT) and Connected Cars
#GMIS2017 IoT & Connected Car panel with K&L Gates
The ECJ Rules on the Compatibility with EU Law of Domestic Data Retention Requirements Imposed on Providers of Electronic Communications Services.
March 17th, 2017 | Posted by in Case Law | Europe | IT | Privacy - (0 Comments) After its invalidation of the data retention requirements imposed by Directive 2006/24/EC in its Digital Rights Ireland decision dated 8 April 2014, the ECJ was requested to assess the compatibility with the Directive 2002/58/EC (the “ePrivacy Directive”) and the Charter of Fundamental Rights of the European Union (the “CFREU”) of a domestic legislation mandating a general and indiscriminate obligation to retain traffic and location data, without prior judicial review, for purposes including the fight against crime.). The ECJ joined the two cases which had been submitted for review and issued its decision on 21 December 2016 (the “Decision”).
(more…)
La veritable Privacy by design, Conference Automobile Connectee – Journal de l’Automobile, Paris
March 2nd, 2017 | Posted by in Conference | Connected Cars | France | Privacy - (0 Comments) French CNIL Reveals the Scope of its Connected Car “Compliance Package”
October 7th, 2016 | Posted by in Connected Cars | Europe | France | Privacy - (0 Comments) On 3 October 2016, during a conference organized by the French Comity of Car Manufacturers (“CCFA”) during the Paris Motor Show, Mrs. Sophie Nerbonne, the Compliance Director of the French Data Protection Authority (“Commission Nationale de l’Informatique et des Libertés” or “CNIL”), hosted a press conference in the ongoing fact-gathering for the CNIL’s “compliance package on connected vehicles” (link – in French) on the basis of the Act no. 78-17 dated 6 January 1978, relating to information technology, data files and civil liberties.
(more…)Leaders League Ranking 2016 – New Technologies – Internet – France
July 11th, 2016 | Posted by in IT | Privacy | Rankings - (0 Comments) K&L Gates ranked “Highly Recommended” with E. Drouard & Claude-Etienne Armingaud by Leaders League.
Source: No longer publicly available
Copyright © 2025 All rights reserved.
Designed by 