GDPR: Three Years On
25 May, 2021Three years ago on the 25th May 2018 the European Union’s General Data Protection Regulation (“GDPR”) came into effect. Marking this three year anniversary, we take a look at the key trends emerging from the Data Protection Commission’s (“DPC”) yearly reports from 2018, 2019 and 2020, which provide a useful insight into the role of […]
Read moreData Protection considerations when managing Mergers and Acquisitions (“M&A”)
27 May, 2021Introduction Since the EU 2016/679 General Data Protection Regulation (the “GDPR”) came into force on 25th May 2018, data protection law has become a fixture of public consciousness and many companies have had to assess and strengthen their data practices and policies to comply with the requirements under this important area of law. In recognising […]
Read moreIrish DPC fines Twitter €450,000 for data breach
22 December, 2020On 15th December 2020, the Irish Data Protection Commission (the “DPC”) announced its decision to impose an administrative fine of €450,000 on Twitter International Company (“Twitter”) following an investigation into a personal data breach reported by Twitter, under the self-reporting obligations of General Data Protection Regulation (EU) 2016/679 (“GDPR”). The breach arose as a result […]
Read moreThe Data Protection Commission’s “Cookies Sweep” and Obligations on Data Controllers
7 September, 2020The Irish Data Protection Commission (“DPC”) recently published updated guidance on the use of cookies and other tracking technologies (the “Guidance[1]”), together with an accompanying report based on a cookie sweep of 40 companies across a broad range of sectors (the “Report[2]”), conducted by the DPC between August 2019 and December 2019. Cookies are small […]
Read moreCJEU strikes down EU-US Privacy Shield
21 July, 2020On the 16th of July 2020 the Court of Justice of the European Union (“CJEU”) declared the EU-US Privacy Shield agreement (the “Privacy Shield”) invalid on the basis that it did not sufficiently protect the personal data of European citizens to the standard required by EU 2016/679 General Data Protection Regulation (the “GDPR”). Under […]
Read more