Photo of Davinia Brennan

The Data Protection Commissioner (DPC) has initiated a consultation seeking submissions in regard to how some key concepts in the GDPR should be interpreted and applied, including:

  • Consent
  • Profiling
  • Personal data breach notifications
  • Certification

The Article 29 Working Party (WP29) (consisting of representatives of the EU data protection authorities) is currently preparing guidance on these concepts, and EU data protection authorities are undertaking consultation processes with the purpose of ensuring that the views of stakeholders are heard.  The questions asked in the consultation demonstrate the lack of detail in the GDPR in regard to these key concepts.

Continue Reading DPC launches consultation on consent, profiling, data breach notifications and certification under the GDPR

Photo of Davinia Brennan

The CJEU has ruled (Case C-398/15) that there is no general right to be forgotten in respect of personal data in the companies register. However, upon expiry of a sufficiently long period after dissolution of a company, Member States may provide for restricted access to such data by third parties in exceptional cases. The CJEU’s decision is in line with its ruling in Google Spain (Case C-131/12) that the right to be forgotten is not absolute, and will always need to be balanced against other fundamental rights.

Continue Reading No right to be forgotten in respect of personal data in the companies register

Photo of Alison Quinn

The UPC Preparatory Committee has adopted and published the Rules and Procedure of the Unified Patent Court. The 18th draft of the agreed Rules is subject to change only with respect to the court fees that may be applicable.   The 1st draft, published in 2009, was progressed through stages of expert meetings and technical and public consultation and sets out the specific framework and functioning of the Unified Patent Court. Continue Reading UPC publishes agreed Rules of Procedure- 18th Draft