Publications

GDPR: Three Years On

25 May, 2021

Three years ago on the 25th May 2018 the European Union’s General Data Protection Regulation (“GDPR”) came into effect. Marking this three year anniversary, we take a look at the key trends emerging from the Data Protection Commission’s (“DPC”) yearly reports from 2018, 2019 and 2020, which provide a useful insight into the role of […]

Read more

Data Protection considerations when managing Mergers and Acquisitions (“M&A”)

27 May, 2021

Introduction Since the EU 2016/679 General Data Protection Regulation (the “GDPR”) came into force on 25th May 2018, data protection law has become a fixture of public consciousness and many companies have had to assess and strengthen their data practices and policies to comply with the requirements under this important area of law.  In recognising […]

Read more

Irish DPC fines Twitter €450,000 for data breach

22 December, 2020

On 15th December 2020, the Irish Data Protection Commission (the “DPC”) announced its decision to impose an administrative fine of €450,000 on Twitter International Company (“Twitter”) following an investigation into a personal data breach reported by Twitter, under the self-reporting obligations of General Data Protection Regulation (EU) 2016/679 (“GDPR”).  The breach arose as a result […]

Read more

The Data Protection Commission’s “Cookies Sweep” and Obligations on Data Controllers

7 September, 2020

The Irish Data Protection Commission (“DPC”) recently published updated guidance on the use of cookies and other tracking technologies (the “Guidance[1]”), together with an accompanying report based on a cookie sweep of 40 companies across a broad range of sectors (the “Report[2]”), conducted by the DPC between August 2019 and December 2019. Cookies are small […]

Read more

CJEU strikes down EU-US Privacy Shield

21 July, 2020

On the 16th of July 2020 the Court of Justice of the European Union (“CJEU”) declared the EU-US Privacy Shield agreement (the “Privacy Shield”) invalid on the basis that it did not sufficiently protect the personal data of European citizens to the standard required by EU 2016/679 General Data Protection Regulation (the “GDPR”).   Under […]

Read more
Translate »