March/April 2024
Volume 17, Issue 2

View Front Cover PDF

News Items

• EU AI Act approved; new Commissioner
  says AI is a focus for 2024

• EDPB adopts report on Data Protection

  Officers

• Repeat offenders will face consequences, says new Commissioner

• DPC publishes guidance on digital footprints

Articles

• Processing personal data using AI systems Part 1 - Tim Hickman and Aishwarya Jha, White & Case LLP

• Anonymisation through separation: what recent cases teach us about the EU's anonymisation standards - Lore Leitner, Gabe Maldoff and Mickey Lee, Goodwin

• Clearview AI's win - practical implications - Katie Hewson, Daniel Jones and Nelson Kiu, Stephenson Harwood LLP

• Data Scraping and Data Protection - key things to consider - Duc Tran, Of Counsel and Erin Bibb, Herbert Smith Freehills LLP

January/February 2024
Volume 17, Issue 1

View Front Cover PDF

News Items

• EU court lowers requirements for imposing fines for breaches

• Minister receives Cabinet approval for draft Facial Recognition Technology Bill

• Face recognition Bill

• EU AI Act agreed

Articles

• Expert Comment - Hannah Perry, Mason Hayes & Curran LLP

• GDPR fines - clarity from the CJEU - Davinia Brennan and Samuel Elliot, Matheson

•  

  Implementing AI - what you need to know - Stephanie Pritchett and Ben Wootton, Pritchetts Law LLP

• Assessing the Assessments - Robert Bond

• Higher fines through the back door? - Ellis Parry, Data Privacy Compliance Solutions Limited

November/December 2023
Volume 16, Issue 6

View Front Cover PDF

News Items

• TikTok granted permission to appeal DPC fine

• DPC publishes trove of case studies

• Amazon facing €170 million fine over workplace surveillance

• DPC investigating Central Bank data breach

• US facial recognition firm Clearview AI wins GDPR appeal in UK

Articles

• DPC's guidance on SARs - key takeaways for employers - Linda Hynes, Lewis Silkin Ireland
• Harmful design in digital markets - key do's and don'ts - Bridget Treacy

• Cybersecurity Standards and Certifications - what's the right fit - Nick Soni, CyberStreet

• International data transfers - the new 'normal' - Liz Fitzsimons, Eversheds Sutherland

September/October 2023
Volume 16, Issue 5

View Front Cover PDF

News Items

• Airbnb Headlines reprimanded by DPC

• EU-US Framework adopted

• DPC fines Department of Health €22,500

• Competition authorities can consider GDPR breaches, says CJEU

• Court dismisses action against DPC

Articles

• 8 Hallmarks of effective Data Protection by Design and Default - Robert Maddox and Stephanie Thomas, Debevoise & Plimpton LLP

• AI - comparing global approaches and 5 compliance keys - Gita Shivarattan, Ernst & Young LLP

• Pseudonymous or anonymous, that is the question - Ali Vaziri, Lewis Silkin LLP

• The rise of GDPR private enforcement - trends and developments - Jack Thorne and Pilar Arzuaga, McDermott WIll & Emery LLP

July/August 2023
Volume 16, Issue 4

View Front Cover PDF

News Items

• Commission suspends Meta data transfers

• New DPC guidance for employers

• New Bill on facial recognisiton use by police

• NOYB pursues case against DPC

• Campaigner seeks damage for State's unlawful data gathering

Articles

• What does the Meta decision mean for the future of international transfers? - Emma Erskine-Fox, TLT

• Reigning in recommended content: a data protection lawyer's take on the DSA - Hannah Perry, Mason Hayes and Curran LLP

• How to achieve transparency in privacy policies (really) - Ellis Parry, Data Privacy Compliance Solutions

• Are crypto wallet addresses personal data? - Daniel Owen, Bristow’s LLP

May/June 2023
Volume 16, Issue 3

View Front Cover PDF

News Items

• DPC releases Annual Report

• EDPB launches its 2022 Annual Activity Report

• UK government publishes AI White Paper

• White House releases National Cybersecurity Strategy

• DPC on deadline to adopt final decision on Meta transfers

• DPC publishes new children’s guidance

Articles

• Expert Comment - Marie C. Daly, Covington

• Bridget Brogan v The Dublin Airport Authority - Morgane Conaty, Law Library 

• Cookie banners: when is consent not consent? - Vicki Bowles, VWV 

• The EU and Generative AI — the New David vs Goliath? - Hannah Perry, Mason Hayes and Curran LLP

• The DPC’s decisions on Instagram, Facebook and WhatsApp - Alex Jameson, Bird & Bird 

March/April 2023
Volume 16, Issue 2

View Front Cover PDF

News Items

• Commission proposes new Regulation to fix GDPR enforcement

• Recommendations for use of cloud-based services by the public sector

• DPOs and conflict of interest — new guidance from CJEU

• DPC threatens to take legal action against EDPB for overreaching its authority

• Supervisory Authorities support fair cookie banners

• AI Chatbot stopped over GDPR concerns

Articles

• The evolving personal data breach notification regime - Adam Finlay, McCann FitzGerald

• Responding to Data Subject Access Requests - certainty ahead? - Davinia Brennan, Matheson

• Data retention and disposal in non-corporate communication channels — time to bin WhatsApp? - Louisa Williams and Jennifer Cleaver, TLT LLP

• The Evergreen privacy programme - myth or reality? - Kate Brimsted, Bryan Cave Leighton Paisner LLP

January/February 2023
Volume 16, Issue 1

View Front Cover PDF

News Items

• DPC to ban Meta from ads based on personal data

• European Commission publishes adequacy decision for EU-US transfers

• CJEU gives right to be forgotten ruling

• DPC publishes details of six fines

• UK government releases first of its kind Code

Articles

• Role of the DPO — lessons from recent decisions - Ronan Hayes, BCM Global

• Evolution of a Profession: the Data Protection Officer (Part 3) - Gordon Wade and Isobel Murphy, TikTok

• Data protection in a developing metaverse - Daniel Owen, Bristows

November/December 2022
Volume 15, Issue 6

View Front Cover PDF

News Items

• EP ‘not very happy’ with DPC
• DPC submits its draft decision on Meta
• DPC identifies eight risks on latest risk register

Articles

• Changes brought in by the Communications (Retention of Data) (Amendment) Act 2022
• Evolution of a Profession: the Data Protection Officer (Part 2), Gordon Wade and Isobel Murphy, TikTok
• Mental Health Apps Part 2: are they in good health?, Lorna Cropper, Alexandra Hague and Minhaal Datoo, Fieldfisher

September/October 2022
Volume 15, Issue 5

View Front Cover PDF

News Items

• CJEU significantly expands the scope of Article 9 GDPR
• DPC decision set aside by Circuit Court
• Bill expanding drone use by Ireland’s police expected later this year

Articles

• Monitoring employee health data: the limits, safeguards and lessons from Covid-19, Morgane Conaty BL Legal Researcher
• Evolution of a Profession: the Data Protection Officer (Part 1), Gordon Wade and Isobel Murphy, TikTok
• Navigating M&A — knowing your compliance blindspots, Sara Jameel and Gita Shivarattan, Ernst & Young LLP
• Mental Health Apps Part 1: are they in good health?, Lorna Cropper, Alexandra Hague and Minhaal Datoo, Fieldfisher

July/August 2022
Volume 15, Issue 4

View Front Cover PDF

News Items

• Data of Irish internet users shared 392 times a day, says report
• Complaint lodged against An Post data service
• PSNI investigated after sharing personal data with foreign police

Articles

• The importance of swift action to mitigate a data breach - Morgane Conaty, Chief State Solicitor’s Office
• Conducting Transfer Impact Assessments — practical tips - James Clark and Benji Payne, DLA Piper
• Applying Article 23 — exceptions are exceptions, not the rule - Ann Bevitt and Yasmin Roland, Cooley LLP

March/April 2022
Volume 15, Issue 3

View Front Cover PDF

News Items

• DPC’s statistical report on  cross-border complaints handling
• Review finds DPC should be paid more; campaign group says this alone won’t solve issues

Articles

• The new Guidelines on access requests — is the bar now too high? - Davinia Brennan, Matheson
• To transfer or not to transfer, that is the question - Erik Steiner and Victoria Hordern, Taylor Wessing
• Data retention rules for Europe — a headache or a vindication? - Marie C. Daly, Covington
• Expanding the transfer toolkit: Codes of Conduct for Transfers - Sara Jameel and Peter Given, EY

March/April 2022
Volume 15, Issue 2

View Front Cover PDF

News Items

• WhatsApp updates its EU privacy policies after €225m fine from DPC
• TikTok children’s privacy lawsuit can proceed, says UK High Court

Articles

• Top 5 data protection compliance challenges for 2022 – by Davinia Brennan, Matheson
• Untying the Gordian knot? The EDPB’s new guidelines on territorial scope, by Peter Given and Laura Stewart, EY
• SFA: now a CISA ‘bad practice’ – by Ali Vaziri, Lewis Silkin LLP
• The draft AI Act: the good, the bad and the ugly – by Sandy Tsakiridi, HSBC

January/February 2022
Volume 15, Issue 1

News Items

• DPC submits Article 60 draft decision on inquiry into Instagram
• Data protection audit of political parties in Ireland
• DPC addresses baseless allegations made against it

Articles

• An overview of the DPC’s new Children’s Fundamentals – by Davinia Brennan and Rory O’Keeffe, Matheson
• CJEU data protection case law in 2022 – by Gordon Wade, TikTok
• Data retention and the recent opinion of the Advocate General, by Marie Daly, Covington

November/December 2021
Volume 14, Issue 6

View Front Cover PDF 

News Items

• Facebook whistleblower says Ireland has unfair pressure

• Ireland’s cyber security chief says cyberattacks are getting “messier and more complicated”

Articles

• An Irish criminal case and evolving EU data retention law, by Marie C. Daly, Covington
• UK data protection litigation — a burgeoning market, by Ashley Hurst, Osborne Clarke
• Managing data protection in digital identities, by Emma Erskine-Fox, TLT LLP
• Brazilian law — a comparison with the GDPR, by Monica Simoes de Almeida
• What are Trusted Third Parties? (Part 2), by Hamsa Hassan, London Ambulance Service NHS Trust, and Sophie Stalla-Bourdillon and Alfred Rossi, both with Immuta

September/October 2021
Volume 14, Issue 5

View Front Cover (PDF)

News Items

• DPC fines WhatsApp €225m; company to appeal

• Report recommends wide ranging review of DPC and functions

• New investigation into Public Services Card

• Garante publishes updated guidelines on cookies and other tracking technologies

• Scope of data subject access requests widened in Germany

• China’s GDPR passed

Articles

• Expert comment - Oisin Tobin, Mason Hayes & Curran

• Reforms of the DPC — the Justice Committee’s report - Marie Daly, Covington

• A first look at the proposed UK approach to IDTs - Victoria Hordern, Bates Wells

• Codes of Conduct for International Transfers - Kristof Van Quathem & Anna Sophia Oberschelp de Menesesat, Covington & Burling LLP

• What are Trusted Third Parties? (Part 1) - Hamsa Hassan, Sophie Stalla-Bourdillon & Alfred Rossi, London Ambulance Service NHS Trust & Immuta

July/August 2021
Volume 14, Issue 4

View Front Cover (PDF)

News Items

• Cross-border cases not limited to leading authority, CJEU rules

• EDPB releases final version of supplementary measures

• New SCCs adopted

• HSE permitted to question frontline staff about vaccine status

• UK receives adequacy

• EDPB and EDPS call for ban on facial recognition

Articles

• Expert comment - Oisin Tobin, Mason Hayes & Curran

• GDPR fines across the EU and their implications - Stephanie Pritchett, Ben Wootton & Hilary Homer, Pritchetts Law LLP

• Can the new SCCs be governed by Irish law? - Hannah Hassell, Mason Hayes & Curran LLP

• Mobile applications and privacy law (Part 2) - Peter Given, Darryl Webb & Ronke Euler-Ajayi, Womble Bond Dickinson LLP

• Facial recognition and privacy: finding the right balance (Part 2) - Dr Konstantinos Kouroupis, Frederick University

May/June 2021
Volume 14, Issue 3

View Front Cover (PDF)

News Items

• One stop shop is unsustainable, says Helen Dixon, EDPS and MEPs

• Committee calls for detailed guidelines on Schrems II

• Bavarian regulator applies Schrems II

• Lawsuit against TikTok and company to open Transparency Centre in Ireland

• Commission launches GDPR inquiry into Facebook, and class action launched

Articles

• Expert comment - Oisin Tobin, Mason Hayes & Curran

• Regulation in Ireland - recent trends and what lies ahead - Davinia Brennan, A&L Goodbury LLP

• The Mailchimp case - Bridget Treacy, Hunton Andrews Kurth

• Facial recognition and privacy: finding the right balance (Part 1) - Dr Konstantinos Kouroupis, Frederick University

• Mobile applications and privacy law - Peter Given, Darryl Webb and Ronke Euler-Ajayi, Bond Dickinson LLP

March/April 2021
Volume 14, Issue 2

View Front Cover (PDF)

News Items

• e-Privacy Regulation progresses to next stage

• New EU guidelines on breach notification

• DPC clarifies meaning of CCTV decision

• DPC criticised for weak IT system

• Online Safety Bill soon to undergo pre-legislative scrutiny

Articles

• Expert comment - Oisin Tobin, Mason Hayes & Curran

• Data protection trends and emerging priority areas - Hannah Hassell, Mason Hayes & Curran LLP

• Cookies - what’s OK and what’s probably not - Miriam Everett, Herbert Smith Freehills LLP

• The UK and adequacy - no easy answers - Bridget Treacy, Hunton Andrews Kurth
• The technical fix for international data transfers - a word of caution - Sophie Stalla-Bourdillon & Alfred Rossi, Immuta

January/February 2021
Volume 14, Issue 1

View Front Cover (PDF)

News Items

• EU Legal Opinion signals eased regulatory burden on DPC

• EU releases new draft of the ePrivacy Regulation

• New guidance on domestic CCTV

• DPC issues ‘Fundamentals’ for a child-oriented approach to data processing

• High Court to decide on DPC’s Facebook case

Articles

• Expert comment - Oisin Tobin, Mason Hayes & Curran

• SCCs and Supplementary Measures - what to do in the interim - Victoria Hordern & Michael Charalambous, Bates Wells

• Lessons from the UK regulator’s data protection/innovation Sandbox - Ali Vaziri, Lewis Silkin LLP

• The proposed Digital Services Act Package - what you need to know - Professor Dr. Patrick Van Eecke & Enrique Gallego Capdevila, Cooley LLP
• 5 data protection and privacy predictions for 2021 - Gareth Oldale, TLT LLP

November/December 2020
Volume 13, Issue 6

View Front Cover (PDF)

News Items

• Board issues Schrems II guidance and EC consults on new SCCs

• Irish organisations prepare for Brexit

• DPC’s fine on Tusla confirmed in Court

• Irish Prison Service to appeal decision about officers’ thumbprints

• 799 data breaches notified by government departments in 2019

Articles

• Expert comment - Oisin Tobin, Mason Hayes & Curran

• Schrems II - what guidance for international transfers? - Victor Timon, Lewis Silkin

• EDPB’s guidance on consent - what’s new? - Alex Jameson, Bates Wells

• Outsourcing using processors: the new EDPB guidelines - Peter Given & Ronke Euler-Ajayi, Womble Bond Dickinson (UK) LLP
• The UK’s Age Appropriate Design Code - Rosemary Jay, Hunton Andrews Kurth

September/October 2020
Volume 13, Issue 5

View Front Cover (PDF)

News Items

• First official guidance on international data transfers post Schrems II

• Court freezes DPC’s probe into Facebook data flows and grants Schrems judicial review

• Facebook and Belgian regulator face off at CJEU over jurisdiction issue

• European Commission presses Zoom for security assurances

• Latest GDPR fines

• NOYB file 101 complaints to EU Supervisory Authorities

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• There’s no place like home - data protection implications of the move to remote working - Linda Hynes & Catherine Hayes, Lewis Silkin

• Data protection contracts - what tends to be missing and what to do about it - Rocio de la Cruz, Gowling WLG

• AI ethics in the post-GDPR world: Part 2 - Sandy Tsakiridi, HSBC

July/August 2020
Volume 13, Issue 4

View Front Cover (PDF)

News Items

• SCCs can stay, but Privacy Shield is out — CJEU’s surprising ruling

• GDPR receives its first assessment

• DPC queries source of details used to block benefit payments

• TikTok to open data center in Ireland

• Grace period for cookies compliance to end soon

• Dutch regulator issues record fine for violating GDPR data subject rights

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• Past, present and future of DPC activity - the 2020 Regulatory Activities Report - Mark Ellis & Aishwarya Jha, McCann FitzGerald

• Top ten data protection considerations when outsourcing - Molly Waiting, Bates Wells

• EDPB’s guidelines on territorial scope - clarifications and uncertainties - Peter Given, Womble Bond Dickinson (UK) LLP
• AI ethics in the post-GDPR world: Part 1 - Sandy Tsakiridi, HSBC

May/June 2020
Volume 13, Issue 3

View Front Cover (PDF)

News Items

• All eyes are on the DPC, as it moves to close high profile cases

• Belgian ruling prompts serious concerns about dual role DPOs

• DPC issues first GDPR fine

• Health Service Executive suspends practice of informing employers of COVID-19 statuses

• Identities of NI abuse survivors exposed in data breach

• Lawsuits in Belfast and London filed against EasyJet

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• The DPC’s new guidance on cookies - Mark Ellis, McCann FitzGerald

• Belgian SA challenges the independence of DPOs - Bridget Treacy & Jonathan Wright, Hunton Andrews Kurth

• Legal responsibilities of processors - a guide - Olivia Whitcroft, OBEP

March/April 2020
Volume 13, Issue 2

View Front Cover (PDF)

News Items

• DPC issues flurry of guidance to assist during the pandemic

• Commissioner warns against quick fix solutions in her Annual Report

• Google under investigation in Ireland over location tracking

• Minister claims Data Protection Commission erred in findings on Public Services Card

• New guidance for controllers on security

• EU plans for new rules on AI ‘could be clearer’, say experts

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• Combating COVID-19 - what are the new data processing practices? - Olivia Whitcroft, OBEP

• The DPC’s Annual Report - lessons to be learnt and focus for future - Victor Timon, Linda Hynes & Audrey Whyte, Lewis Silkin

• ISO Standards - a guide for privacy professionals - William Stallings, Author

January/February 2020
Volume 13, Issue 1

View Front Cover (PDF)

News Items

• AG delivers Opinion in Schrems II, and its good news

• DPC clarifies ‘lawful basis’ in new guidance

• Irish organisations struggle to comply fully with GDPR

• Ireland ranked second in Europe for data breach notifications

• DPC is ‘overwhelmed’ says German regulator

• SCCs for contracts between controllers and processors published

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• Blockchain and the GDPR - friends or foes? - Sandy Tsakiridi, HSBC

• BYOD and social media in the workplace - managing the risks - Robert Bond, Bristows

• CCPA - a step change in US privacy - Bridget Treacy, Hunton Andrews Kurth LLP
• Data protection in Japan - Christopher Wells & Narumi Ito, Morgan, Lewis & Bockius Tokyo

November/December 2019
Volume 12, Issue 6

View Front Cover (PDF)

News Items

• CJEU ruling confirms implied consent is dead

• New exceptions to data protection rules for Central Bank

• Commission publishes guidance on DSARs

• DPC’s decision on WhatsApp delayed due to company’s concerns

• Third Privacy Shield Report released

• Man seeks damages from government after his data were given to private investigator

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• Accountability - moving from theory to practice - Bridget Treacy, Hunton Andrews Kurth

• Data Scraping - what are the privacy implications? - Fiona Campbell, Fieldfisher

• Data ethics - why should you care? - Karishma Brahmbhatt, Allen & Overy
• 7 tips to increase your impact, influence and leadership - Nick Williams, Author, Trainer and Speaker

September/October 2019
Volume 12, Issue 5

View Front Cover (PDF)

News Items

• Rights group brings ‘mass action’ over Public Services Card

• Landmark ruling limits right to be forgotten to EU

• EU Presidency issues amended proposal on EU e-Privacy Regulation

• Web browser accusing Google of trampling on the GDPR asks DPC to investigate

• Apple apologises after workers listened to Siri recordings of intimate moments

• DPC opens investigation into Verizon Media

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• Contracting under the GDPR: Five not-so-easy pieces - James Clark, DLA Piper

• Just a processor? The fan pages and Fashion ID cases - Ann Bevitt & Amy Collins, Cooley LLP

• Joint controller relationships - more prevalent than previously thought? - Duc Tran & Laura Adde, Herbert Smith Freehills LLP
• Confused by EU cookie rules - The ICO and CNIL are here to help (sort of) - John O’Brien, Reed Smith LLP

July/August 2019
Volume 12, Issue 4

View Front Cover (PDF)

News Items

• DPC on cusp of completing its inquiries

• Court hears arguments in Schrems II

• Banning visitor books is OTT, says DPC

• The first GDPR fines in Romania

• ICO issues notices of intent to fine airline and hotel chain

• Commission weighs in on Artificial Intelligence

Articles

• Expert comment - Oisín Tobin, Mason Hayes & Curran

• GDPR in the workplace - 5 key questions to ask - Linda Hynes & Declan Groarke, Lewis Silkin

• Tricky transparency requirements and how to overcome them - Krysia Oastler, PwC

• Probing the rules on automated decision making - Duc Tran, Herbert Smith Freehills LLP
• Adtech and transparency: an area of focus for regulators - Joanne Vengadesan & Michael Ridge, Penningtons Manches LLP
• The troubling position of the Polish Supervisory Authority regarding BCRs - Damian Karwala, CMS Poland

May/June 2019
Volume 12, Issue 3

View Front Cover (PDF)

News Items

• DPC accused of ‘blocking world on data privacy’

• DPC issues guidance on securing cloud-based environments

• New guidance on use of dash-cams

• Poland issues first GDPR fine

• DPC clarifies right to rectification complaints

• Regulators are working on a ‘matrix’ for calculating fines

Articles

• Expanding the GDPR’s journalism exemption - is all the world a stage? - Hugh McCarthy, Arthur Cox

• ‘Sufficient guarantees’ and technical due diligence when appointing processors - Manish Soni, Herbert Smith Freehills LLP

• Anonymising personal data: where do we stand now? - Sophie Stalla-Bourdillon, Immuta

• Post GDPR enforcement in Germany - a sneak peek - Benjamin Beck & Ulrich Worm, Mayer Brown

March/April 2019
Volume 12, Issue 2

View Front Cover (PDF)

News Items

• DPC releases first report since GDPR

• Advocate General gives Opinion in cookie consent case

• Facebook discloses data breach affecting millions

• EDPB clarifies interplay between GDPR and e-Privacy rules

• Results of Latest Sweep released

• DPC issues further guidance on Brexit

• EDPB consults on codes of conduct and monitoring bodies

Articles

• Consent vs legitimate interest: Part 2 - Mark Watts, Bristows

• How to use dashboard cameras in a compliant way - Anna Rak-Kozerska & Lore Leitner, Wilson Sonsini Goodrich & Rosati LLP

• The GDPR right to be forgotten and employee images - David Whincup, Squire Patton Boggs

• Practical strategies for dealing with Data Subject Requests - James Clark, DLA Piper

January/February 2019
Volume 12, Issue 1

View Front Cover (PDF)

News Items

• DPC begins the year on the backs of the big techs

• Google becomes first tech to receive GDP fine (and it’s large)

• Garda tells cyclists to remove Twitter videos of motorists and vehicles

• EU Commission and Council celebrate Data Protection Day 2019

• Facebook urges Supreme Court to halt referral to European court

• Campaigners given go ahead to challenge immigration exemption in UK

• Japan secures adequacy status

Articles

• Brexit - impact on personal data flows between Ireland and the UK - Ian Duffy, Author Cox

• Data protection by Design and by Default: from theory to practice - Bridget Treacy, Hunton Andrews Kurth LLP

• Consent vs legitimate interest: Part 1 - Mark Watts, Bristows

• Reconciling innovation and regulation: mission impossible? - Fiona Maclean & Olga Phillips, Latham & Watkins

November/December 2018
Volume 11, Issue 6

View Front Cover (PDF)

News Items

• DPC opens broad investigation of Facebook privacy practices

• Public consultation on children’s data protection rights to begin shortly

• Google to shift control of European data from US to Ireland to aid GDPR compliance

• New guidance on data processing operations that require a Data Protection Impact Assessment

• Last Annual Report of the ODPC published

• Health body apologises after email addresses of 200 job applicants are incorrectly shared in email

• Commission issues statement on data protection and community based CCTV schemes

Articles

• Enforcing the GDPR - what lies ahead? - Mark Rasdale & Davinia Brennan, A&L Goodbody

• The changing litigation landscape in Ireland - Deirdre Kilroy, Matheson

• Data protection by Design and by Default: from theory to practice - Bridget Treacy, Hunton Andrews Kurth LLP

• Dealing with Data Subject Requests - practical tips - Lore Leitner, Wilson Sonsini Goodrich & Rosati

September/October 2018
Volume 11, Issue 5

View Front Cover (PDF)

News Items

• DPC conducts first cases of potential GDPR violations

• Data retention laws require ‘urgent’ revisions, Judge says

• DPC seeking answers from Google

• Commissioners endorse guidelines on AI

• Board makes recommendations regarding DPC’s DPIAs list

• UK regulator fines Facebook for failing to protect users’ personal information

• EU and US regulators issue joint statement on Privacy Shield review

Articles

• The Health Regulations - what you need to know - Adam Finlay, McCann FitzGerald

• Making sense of Data Protection by Design and by Default - Bridget Treacy, Hunton Andrews Kurth LLP

• How a company can survive a personal data breach - John O’Brien, Reed Smith LLP

July/August 2018
Volume 11, Issue 4

View Front Cover (PDF)

News Items

• Commission clarifies its role in regulating Google

• Supreme Court of Ireland to review Facebook privacy case

• Personal details of 37,000 Eir customers stolen in data breach

• Facebook fined in UK

• European Parliament calls for suspension of EU-US Privacy Shield unless US can comply fully

• European Union and Japan agree on adequacy

• Browser setting rules could be dropped from new e-Privacy Regulation

Articles

• Part 2: From Fourth Estate to 4G - Journalism and the GDPR - Hugh McCarthy, Arthur Cox

• GDPR certifications - what you need to know - Krysia Oastler, PwC

• California’s Consumer Privacy Act and the GDPR - where do they overlap? - James Clark & Jim Halpert, DLA Piper LLP

• A practical guide to conducting Data Protection Impact Assessments - Sandy Tsakiridi, Fieldfisher

May/June 2018
Volume 11, Issue 3

View Front Cover (PDF)

News Items

• EDPB gets down to business

• Guidance on limiting access rights

• DPC issues draft Data Protection Impact Assessment list for consultation

• DPC publishes report into special investigation in the hospitals sector

• ICANN loses first GDPR ruling in Germany

• Data Protection Act signed into law

• e-Privacy Regulation update

Articles

• Part 1: the GDPR, freedom of expression and a right to remember? - Hugh McCarthy, Arthur Cox

• iConsent and pesky emails - why ‘do nothing’ is the sanest approach - Ashley Roughton, IP Chambers

• The future of international data transfers - Eduardo Ustaran, Hogan Lovells

• How much control makes a controller? - Roisín Cregan & Sekou Taylor, Macfarlanes

March/April 2018
Volume 11, Issue 2

View Front Cover (PDF)

News Items

• DPC to supervise as Facebook “cleans up its Act”

• 79% increase in complaints last year

• Helen Dixon: more accountability in data handling needed

• INM ‘downplayed’ breach in its report to DPC, says regulator

• Facebook refuses to cooperate with New Zealand investigation, citing Irish law

• DPC’s investigation into PSC project extended

• Supreme Court says Microsoft case is “moot”

Articles

• GDPR series: Outsourcing contracts - all changed, changed utterly? - John O’Brien, Reed Smith LLP

• GDPR series: new obligations on data processors - Laura Dietschy, Cooley (UK) LLP

• GDPR series: Certifications, Seals and Marks - Bridget Treacy, Hunton Andrews Kurth

January/February 2018
Volume 11, Issue 1

View Front Cover (PDF)

News Items

• Guidance takes strict interpretation of GDPR consent

• ECJ rules that failed exam candidate gets right to written paper

• Civil servant jailed for one of ‘most serious data breaches ever’

• Results of attitudes to Data Protection in Ireland unveiled

• Court rules that Schrems cannot bring class action lawsuit

• Irish SME Association reports that businesses unprepared for GDPR

• ODPC publishes guidance on securing data in the cloud

Articles

• GDPR series: How to engage third party in a GDPR compliant way - Krysia Oastler, PwC

• GDPR series: How to legitimise your profiling activities - Fedelma Good,
  Samantha Sayers & Olivia Wint, PwC

• GDPR series: Transparency - Manish Soni, Macfarlanes LLP

• GDPR series: the Right to be Forgotten - Hugh McCarthy, Arthur Cox

November/December 2017
Volume 10, Issue 6

View Front Cover (PDF)

News Items

• Working Party’s guidance on profiling creates uncertainty

• Government publishes new Data Retention Bill

• Privacy Shield verdict out

• ODPC to examine circumstances of Uber privacy breach

• DPC tells delegates: “secure senior management buy in – it’s essential”

• Advocate General rejects Facebook’s claim of sole Irish jurisdiction in EU

• Latest Sweep finds website privacy notices are too vague and generally inadequate

Articles

• GDPR series: Creating and reviewing data protection policies Part 2 - external-facing policies - Ann Bevitt, Partner at Cooley (UK) LLP

• GDPR series: Anonymisation and pseudonymisation - James Clark, DLA Piper

• Reviewing data transfers through the lens of transparency - Hugh McCarthy, Arthur Cox

• Schrems II - are SCCs in jeopardy? - Davinia Brennan, A&L Goodbody

September/October 2017
Volume 10, Issue 5

View Front Cover (PDF)

News Items

• New guidance on appropriate qualifications for DPOs under GDPR

• ODPC consults on transparency and international data transfers

• Privacy Shield review completed

• Call for task force to deal with post-Brexit cyber security

• Commissioner continues to assess usage of Public Services Card

• Facebook fined €1.2 million for privacy violations in Spain

• French regulator fines Hertz for data breach

Articles

• GDPR series: Children and parental consent - James Fenelon, Bird & Bird

• GDPR series: Creating and reviewing data protection policies Part 1: internal-facing policies - Ann Bevitt, Cooley LLP

• Practitioner Certificate in Data Protection - Examination Results

• GDPR series: the new data subject rights - Calum Docherty, Fiona Maclean & Danielle van der Merwe, Latham & Watkins

July/August 2017
Volume 10, Issue 4

View Front Cover (PDF)

News Items

• Resolve urgent deficiencies with Shield, says Committee
• EU DPAs tell employers: ‘stop snooping on employees’
• AG supports student in 8 year battle over exam scripts
• DPC prepares new Irish language scheme
• Industry group issues guidance on GDPR legitimate interests
• Germany first EU Member State to enact new Data Protection Act

Articles

• GDPR series: Data security and response planning - Manish Kumar Soni, PwC
• GDPR series: demystifying DPIAs - Samantha Sayers & Kayleigh Clark PwC
• US broadband privacy rules - troubling times ahead - Sana Khan, Rapid Ratings International Inc
• China’s new cybersecurity law: what you need to know - Carolyn Bigg, DLA Piper, Hong Kong

May/June 2017
Volume 10, Issue 3

View Front Cover (PDF)

News Items

• General Scheme for Data Protection Bill unveiled
• Data Protection Impact Assessments get scrutinized
• EU appointing expert group on the GDPR
• PI firm fined for passing personal data to insurance companies
• Irish government publishes paper on Brexit
• DPAs approve of new e-Privacy rules, but note concerns

Articles

• GDPR series: International data transfers 2.0 - Eduardo Ustaran, Hogan Lovells
• GDPR series: The role of the DPO - overcoming a GDPR hurdle - Katalina Bateman, Reed Smith
• Direct marketing and privacy: striking that balance - Nicola Flannery, Deloitte Risk Advisory Ireland
• GDPR series: fining powers of the supervisory authority - Curtis McCluskey, Reed Smith

March/April 2017
Volume 10, Issue 2

View Front Cover (PDF)

News Items

• EU-US Privacy Shield threatened with suspension
• Top judge calls for change to rules on data sharing
• Schrems tells High Court - 'US protections are ‘ephemeral’
• Microsoft attracts attention of EU DPAs with Windows 10 privacy settings
• Australia passes data breach notification law
• Supreme Court in Japan rules on right to be forgotten
• New guidance on IoT in Hong Kong

Articles

• GDPR series: A design for life? Designing the future of privacy - Nicola Flannery,
  Deloitte Risk Advisory Ireland
• GDPR series: practicalities of managing the controller - processor relationship - Jenai Nissim, Legal, TLT LLP
• GDPR series: preparing for One Stop Shop - Bridget Treacy, Hunton & Williams

January/February 2017
Volume 10, Issue 1

View Front Cover (PDF)

News Items

• Circuit Court champions man’s right to be forgotten
• Trump’s Order threatens safety of EU-US Privacy Shield
• High Court begins to hear Schrems versus Facebook II
• ODPC opens Dublin office to celebrate Data Protection Day 2017
• Google ordered to turn over foreign emails
• US Court of Appeals refuses to rehear Microsoft warrant case
• Article 29 Working Party releases GDPR action plan for 2017

Articles

• GDPR series: the new right to data portability - Nicola Fulford & Krysia Oastler, Kemp Little
• GDPR series: building a compliance programme - James Clark, DLA Piper
• GDPR series: accountability - a blueprint for GDPR - Kate Brimsted, Reed Smith
• The right to be forgotten - a decision from the Irish Circuit Court - Gavin Woods & Gemma O’Farrell, Arthur Cox

November/December 2016
Volume 9, Issue 6

View Front Cover (PDF)

News Items

• WhatsApp may not have acted unlawfully, says DPC
• ODPC issues first guidance on GDPR
• DPC intensifies twopronged probe of Yahoo
• Privacy group challenges independence of ODPC
• UK government confirms GDPR will apply
• FTC publishes new guide on handling data breaches
• Commission proposes changes to data transfer mechanisms
• Legal challenge to Privacy Shield

Articles

• Personal data - an expanding concept? - Davinia Brennan, A&L Goodbody
• GDPR series: How to operationalise profiling for your organisation - James Drury-Smith,
  PricewaterhouseCoopers Legal LLP
• Cyber security - update - Bridget Treacy, Hunton & Williams
• Pulling back the curtain on targeted social media advertising - Alison Deighton, TLT LLP
• Book Review - Data Protection & Privacy - jurisdictional comparisons - Monica Salgado, PricewaterhouseCoopers Legal LLP

September/October 2016
Volume 9, Issue 5

View Front Cover (PDF)

News Items

• ODPC to increase audits of technology devices
• New guidance on anonymisation and location data
• Working Party releases Opinion on e-Privacy review
• Privacy Shield certifications — update
• German regulator threatens legal challenge against Shield
• UK PM confirms Brexit will happen in Spring 2017
• ODPC publishes memo on Schrems

Articles

• Implications of Brexit - an Irish perspective - Gary Fitzgerald BL, Law Library
• The future under the e-Privacy Directive - Yuli Takatsuki, Fieldfisher (Silicon Valley)
• People, processes, technology - a how to guide to data mapping - Nicola Fulford & Krysia Oastler, Kemp Little LaLP
• The role of the DPO - what you need to know - Anita Bapat & James Henderson, Hunton & Williams

July/August 2016
Volume 9, Issue 4

View Front Cover (PDF)

News Items

• Working Party still not satisfied with Shield, but gives grace period
• Schrems and Facebook unite against DPC
• DPC publishes Annual Report
• Bavarian DPA publishes guidance on GDPR
• CNIL launches consultation on GDPR articles
• European Parliament adopts NIS Directive
• South Korea introduces voluntary right to be forgotten

Articles

• The Privacy Shield explained - Part 2 - Eduardo Ustaran, Hogan Lovells
• A practical guide to impact assessments - Nicola Fulford & Krysia Oastler, Kemp Little LLP
• Schrems II - an unnecessary legal frolic? - Gary Fitzgerald BL, Law Library
• How to build a GDPR programme - a multidisciplinary approach - Monica Salgado, PricewaterhouseCoopers Legal LLP
• Are oral hearings in the ODPC's future? - Fintan Lawlor, Lawlor Partners Solicitors

May/June 2016
Volume 9, Issue 3

View Front Cover (PDF)

News Items

• Future of Privacy Shield hangs in balance as progress stalls
• Irish exam paper case referred to the CJEU
• GDPR published: D-day is 25th May 2018
• DPC successfully pursues prosecutions
• New compounding of data privacy offences regulations in Malaysia
• German DPAs make resolution on healthcare apps
• Business leaders criticise failure to implement data protection law in Philippines

Articles

• What to do when dawn raids happen - Davinia Brennan A&L Goodbody
• The Privacy Shield explained - Part 1 - Eduardo Ustaran, Hogan Lovells
• Shifts in the key conditions for processing - James Clark, DLA Piper UK
• Dual certification: a tale of two frameworks - Daniel Cooper, Covington & Burling LLP & Hilary Wandall, Merck & Co
• The European Data Protection Board - more than a mere rebranding exercise - Bridget Treacy & Adam Smith, Hunton & Williams

March/April 2016
Volume 9, Issue 2

View Front Cover (PDF)

News Items

• Schrems says Privacy Shield is 'lipstick on a pig'
• New guidance on public sector data sharing
• Working Party begins grappling with GDPR implementation
• Data protection issues source of landmark anti-competition probe in Germany
• Apple and FBI go head to head in court battle over gunman’s iPhone
• CJEU hears arguments regarding whether IP addresses are personal data

Articles

• Monitoring employees'emails - how far is too far? - Davinia Brennan, A&L Goodbody
• The EU-US Privacy Shield - is it strong enough? - Alison Deighton, TLT LLP
• The GDPR's impact on the cloud service provider as a processor - Mark Webber, Fieldfisher (Silicon Valley)

January/February 2016
Volume 9, Issue 1

View Front Cover (PDF)

News Items

• After four years of waiting, language of reform agreed
• DPC updates guidance on CCTV and issues new guidance on drones and BWC
• President signs federal Cybersecurity Information Sharing Act into law
• Consumer agencies to be able to sue companies for data protection violations
• New data breach notification rules in the Netherlands

Articles

• EU General Data Protection Regulation: things you should know - Eduardo Ustaran, Hogan Lovells International LLP
• The right to be forgotten - under spotlight - Rosemary Jay & James Henderson, Hunton & Williams
• The NIS Directive - a practical perspective - Mark Webber & Stuart Taylor, Fieldfisher
• Seven key data protection New Year’s Resolutions companies should be making - Ann Bevitt & Amy Collins, Cooley (UK) LLP
• Just how fair will processing notices need to be under the GDPR? - Suzanne Rodway, RBS Legal

November/December 2015
Volume 8, Issue 6

View Front Cover (PDF)

News Items

• DPC investigating Schrems’ complaint as Safe Harbor onslaught continues
• European Court rules on which regulators can fine companies
• Safe Harbor demise boosts Microsoft EU presence
• DPC prosecutes telecoms for unsolicited marketing
• Significant progress on draft law enforcement Directive
• Supreme Court begins hearing privacy test case

Articles

• The demise of the US-EU Safe Harbor - Bridget Treacy & James Henderson, Hunton & Williams
• What Weltimmo said - the future of enforcement in the EU - Christopher Knight, 11 KBW
• Cyber risk and cyber security - current state of play - Annette Hogan, Consultant, McCann Fitzgerald
• Monetising personal data whilst staying compliant - an impossible conundrum? - Monica Salagdo, PwC Legal LLP

September/October 2015
Volume 8, Issue 5

View Front Cover (PDF)

News Items

• ODPC begins new investigation of children’s websites and apps
• Advocate General creates giant headache for US tech companies
• CNIL rejects Google’s right-to-be-forgotten appeal
• US gives FTC go ahead to monitor cyber security data breaches
• Russian regulator gives its interpretation of new law
• Ashley Madison hackers continue to dump data

Articles

• Data Subject Access Requests - UK versus Ireland - Davinia Brennan, A&L Goodbody
• New Working Party Opinion on drones - a flight plan for data controllers? - Matt Harris & Peter Given, Bond Dickinson LLP
• Do my data look good in this? The challenges with workplace wearables in the EU and US - Ann Bevitt, Cooley UK

July/August 2015
Volume 8, Issue 4

View Front Cover (PDF)

News Items

• Data Protection Regulation will be agreed by 2015, says Albrecht
• Helen Dixon’s fighting talk at launch of her Office’s Annual Report
• DPC — ‘we will not tolerate back-end vetting’
• Online news sites need to proactively monitor content following
• European Official makes significant Opinion on nature of ‘an establishment’
• Working Party updates guidance on BCRs for processors
• French data protection regulator warns websites on cookie use

Articles

• Does the US need an EU-style data protection law? - Randy Sabett & Ann Bevitt, Cooley LLP (US & UK)
• Data Protection Reform — an update - Bridget Treacy, Hunton & Williams
• Wearable technology and the corporate wellness strategy - Katie McMullan, Hogan Lovells International LLP
• Data protection in Japan — proposed changes to the law - Alexander Shepherd & Sarina Keung, Simmons & Simmons

May/June 2015
Volume 8, Issue 3

View Front Cover (PDF)

News Items

• ODPC investigates apps targeting children
• Dixon’s Office doubles budget — just in time to regulate privacy of 240 million Tweeters
• Schrems says Facebook action was forced by ‘madness of Irish courts’
• ODPC asks language school to remove data found in skip
• CNIL makes it easier for company groups to transfer data abroad
• Department defends decision to force handover of PPS numbers
• Google appeals Vidal decision
• Japan to update its data protection law
• Australia: controversial metadata law passed and Commissioner enforces new data retention rules

Articles

• Are you cyber secure? - Davinia Brennan, A&L Goodbody
• Cross device profiling - ensuring compliance - Cross device profiling - ensuring compliance - Bridget Treacy & James Henderson, Hunton & Williams
• The EU cookie compliance sweep - lessons to be learned - Katie McMullan, Hogan Lovells
• Portuguese investigation - a sign of what’s to come? - Monica Salagdo, Visa Europe

March/April 2015
Volume 8, Issue 2

View Front Cover (PDF)

News Items

• Single regulator will trigger intervention of Board in privacy disputes
• Dublin property management firm fined €1,000 over spam text
• Germany approves new data bill with far reaching rights for consumers
• Commissioner to determine if Gardaí breached data laws
• Irish MEPs urged to back controversial passenger data legislation
• Data retention law scrapped in the Netherlands
• EU indicates it will back Ireland in data server issue
• Proposed new data protection and cybersecurity laws in Thailand

Articles

• Access to third party personal information - data protection and FOI compared - Annette Hogan, McCann FitzGerald
• Data privacy and cyber risk in M&As - are you prepared? - Davinia Brennan, A&L Goodbody
• Mobile apps and privacy - a checklist of points to consider - Oisín Tobin, Mason Hayes & Curran
• Human resources - the big data late adopter? - Ann Bevitt, Cooley LLP
• Ryneš and the household exemption - where does it leave us? - Matt Harris & Peter Given, Bond Dickinson LLP

January/February 2015
Volume 8, Issue 1

View Front Cover (PDF)

News Items

• Data Protection Minister talks priorities ahead of Data Protection Day 2015
• Council’s latest draft of new law leaked
• German DPA imposes 1.3 million euro fine on insurance company
• ODPC expands after near doubling of funding
• Leaked Legal Opinion addresses issues with data retention ruling
• Ireland has no issue with US court’s data bid, provided it is done though ‘proper channels’
• Working Party opines on enforcement bodies’ data sharing
• Irish firms prefer carrot to stick approach

Articles

• Harmonisation of opinions on Model Clauses - mission accomplished? - Sabba Mahmood & Olivier Proust, Fieldfisher
• Scrapping Safe Harbor: European scare mongering or a real possibility? - Bridget Treacy & Anita Bapat, Hunton & Williams
• Data protection reform - an update - Ashley Roughton, Barrister

November/December 2014
Volume 7, Issue 6

View Front Cover (PDF)

News Items

• US data demands continue to ruffle Ireland’s feathers
• DPC has stern words for credit unions following flurry of prosecutions against PIs
• DPAs to coordinate internationally
• Advances in APEC data privacy schemes and joint referral scheme with EU
• New model clauses for Australian government procurement contracts
• German regulator orders Google to limit user data
• Working Party calls for improved international coordination on Big Data
• New Opinion on Internet of Things

Articles

• Employee background checks - how far is too far? - Davinia Brennan, A&L Goodbody
• TData protection reform - an update - Bridget Treacy, Hunton & Williams
• Internet of Things revisited - Monica Salgado, Registered European Lawyer
• Google and the ‘right to be forgotten’ — setting the record straight - Ashley Roughton, Barrister

September/October 2014
Volume 7, Issue 5

View Front Cover (PDF)

News Items

• Enforced subject access now an offence
• DPC releases new guide to audit process
• Helen Dixon is new DPC
• ODPC asks Irish Water to improve Privacy Notice
• Working Party gives view on Big Data
• Data protection qualification — exam results released
• New Opinion on Internet of Things

Articles

• Still a ‘safe’ Harbor? - implications of Schrems v DPC - Davinia Brennan, A&L Goodbody
• The interception of communications in Ireland - time for a re-think? - Annette Hogan, McCann FitzGerald Solicitors
• Google and the ‘right to be forgotten’ - the wider implications - Eduardo Ustaran, Hogan Lovells
• Canada’s anti-spam legislation — a high bar? - Sylvia Kingsmill, Deloitte

July/August 2014
Volume 7, Issue 4

View Front Cover (PDF)

News Items

• Working Party ‘sets record straight’ on risk-based approach
• EU authorities to coordinate regarding ‘take down’ requests
• Working Party adopts Opinion on Quebec adequacy status
• EU citizens to get right to sue in US for wrongful disclosure
• Major provisions of Singapore law now in force
• Brazil’s Internet law enters into force
• German DPAs publish guidelines for mobile apps
• ODPC questions Facebook in wake of revelations regarding mood influencing

Articles

• Handling data access requests - the blueprint - Davinia Brennan, A&L Goodbody
• Anonymisation - a process living on borrowed time? - Kate Brimsted, Reed Smith LLP
• Draft ad hoc contractual clauses for EU data processor to non-EU subprocessor — consensus at last? - Dominika Kupczyk, Fieldfisher
• Data retention - what now? - Monica Salgado, Speechly Bircham

May/June 2014
Volume 7, Issue 3

View Front Cover (PDF)

News Items

• Regulators left in a pickle as ECJ creates right to be forgotten
• Latest Annual Report highlights poor customer service as a ‘source of concern’
• Global Sweep targets mobile apps
• DPC finds that Shatter broke DP law
• US judge orders Microsoft to release email data held on Dublin server
• eBay faces international investigation following hack affecting millions
• Facebook judicial review heard

Articles

• Developing mobile apps - how to be privacy savvy - Davinia Brennan, A&L Goodbody
• The future of breach notification in Europe - Nuria Pastor, Field Fisher Waterhouse LLP
• ‘Legitimate interests’ - clarifying the scope Samantha Sayers - Field Fisher Waterhouse LLP
• New data protection law in Brazil - Monica Salgado, Speechly Bircham LLP
• Largest fine ever in Europe - what can we learn? - Monica Salgado, Speechly Bircham LLP

March/April 2014
Volume 7, Issue 2

View Front Cover (PDF)

News Items

• EU DPAs and APEC team up to produce checklist on data transfers
• Reding says reform is ‘irreversible’ as Parliament rubber stamps proposals
• Carphone Warehouse fined for spam marketing in Ireland
• Yahoo’s Dublin move prompted by UK spying?
• New Opinion on data protection and law enforcement
• Privacy groups challenge Facebook’s WhatsApp purchase

Articles

• Is Big Brother watching you? - CCTV surveillance at work - Davinia Brennan, A&L Goodbody
• Data Protection Authorities versus Google - latest developments and practical implications - Monica Salgado, Speechly Bircham LLP
• The draft Data Protection Regulation: can we start counting our chickens? - Hannah Crowther, Bristows
• Data protection - a contextual approach to regulation - Steve Lorber, Lewis Silkin LLP

January/February 2014
Volume 7, Issue 1

View Front Cover (PDF)

News Items

• Reding rallies troops to power forward with reform
• DPC will ‘use and deploy’ fines as required, but will not make extensive use/li>
• LIBE recommends close down of US/EU data flows
• DPC ‘entirely unsatisfied’ with Department’s data handling
• European Data Protection Day 2014 celebrated in style
• Irish credit union exposes data of thousands
• Google — fined by the Spanish and French authorities and sued in the UK

Articles

• Unsolicited marketing rules - how to comply - Davinia Brennan, A&L Goodbody
• DPOs - top ten tips for making better appointments - Monica Salgado, Speechly Bircham LLP
• The ‘Internet of Things’ - already in a home near you - Bridget Treacy & Anita Bapat, Hunton & Williams
• Is Safe Harbor really dead in the water? - Kate McMullan & Samantha Sayers, Field Fisher Waterhouse
• Data protection in Gibraltar - Michael Nahon, Hassans (Gibraltar)

November/December 2013
Volume 6, Issue 6

View Front Cover (PDF)

News Items

• LIBE approves Compromise Text; ball now with Member States
• Working Party gives new guidance on cookie consent
• Largest ever hack of Irish citizen data
• Facebook decision to be reviewed
• Parliament resolves to suspend deal transferring payments data from the EU to US
• Google misses deadline to change its privacy policy
• Data protection authorities resolve to coordinate enforcement strategies

Articles

• The path to a new EU data protection framework - Eduardo Ustaran, Field Fisher Waterhouse
• Augmented reality - a leap into a new world - Olivia Whitcroft, OBEP
• Employees’ use of social media - navigating the potential pitfalls - Ann Bevitt & Karin Retzer, from Morrison & Foerster LLP
• The right to be forgotten - what’s the position now? - Nick Graham & Alexandra Cooper, Dentons
• Looking outside the Prism: how safe are data transfers? - Gail Crawford & Fiona Maclean, Latham & Watkins
• Cybercrime - how to avoid it happening to you - Davinia Brennan, A&L Goodbody

September/October 2013
Volume 6, Issue 5

View Front Cover (PDF)

News Items

• Working Party asks - is 'Safe Harbor' still safe?
• New breach reporting rules for ISPs and telecoms - now in force
• South Africa passes Data Protection Bill
• 2 million customers affected by Vodafone Germany hack
• DPC to audit Apple
• Global Internet Sweep identifies best practice for online companies

Articles

• Making it personnel, unlawful practices by HR departments by Stephanie Pritchett, Pritchetts
• New rules on breach notification by telcos and ISPs - clarity at last? by Davinia Brennan, A&L Goodbody
• Data protection compliance for charities by Lisa Jackson, Leman Solicitors

July/August 2013
Volume 6, Issue 4

View Front Cover (PDF)

News Items

• DPC signs privacy agreement with FTC
• Merkel campaigns for single rules for internet companies
• Safe Harbor ‘under Review’
• Privacy regulators enforce
• GlaxoSmithKline gets BCRs approval
• European Parliament announces further delays in Regulation passage

Articles

• PIAs and privacy by design - using them to your advantage by Monica Salgado, Speechly Bircham
• Social media - challenges in the control of information - Olivia Whitcroft, OBEP
• Risk, Accountability, and Binding Corporate Codes: a ‘smarter’ approach to data protection - Richard Thomas CBE, former UK Information Commissioner, Centre for Information Policy Leadership

May/June 2013
Volume 6, Issue 3

View Front Cover (PDF)

News Items

• ‘Purpose limitation’ analysed in depth by Working Party
• DPC’s latest Annual report highlights concern about public sector data sharing
• New Opinion on smart grid and smart metering systems
• Further clarity on BCRs for processors in new WP Opinion
• German court strikes down Apple data terms
• Justice Minister - under investigation

Articles

• Data on smart devices - are data subjects being protected? - Colin Rooney, Arthur Cox
• Aligning corporate ethics compliance programs with data protection - Karin Retzer, Joanna Lopatowska & Ruti Smithline, Morrison Foerster
• Purpose limitation - clarity at last? - Bridget Treacy & Anita Bapat, Hunton & Williams
• South Africa introduces data protection law - Pamela Stein, Webber Wentzel

March/April 2013
Volume 6, Issue 2

View Front Cover (PDF)

News Items

• Europe and US divide once again over cyber security
• EU’s new mass data storage plans arouse suspicion of MEP
• Google to appear before European regulators this Summer?
• Destruction of newborns’ blood samples - government makes a u-turn
• Law firm launches Ireland’s first data privacy law app
• Article 29 Working Party adopts data protection Opinion

Articles

• The expanded role of the DPO - Lisa Jackson, Leman Solicitors, and Member of the Examination Board for the Practitioner Certificate in Data Protection
• Bring Your Own Device - protecting data on the move - Olivia Whitcroft, OBEP
• What can we learn from the Google experience?', by Gail Crawford & Fiona Maclean, Latham & Watkins
• Potential pitfalls of the draft Regulation', by Monika Kuschewsky, Van Bael & Bellis

January/February 2013
Volume 6, Issue 1

View Front Cover (PDF)

News Items

• 'Stricter and tougher to navigate’ - LIBE Committee’s proposals
• EU proposes ban on BCRs and model clauses for cloud computing
• Irish Presidency questions ‘right to be forgotten’
• Dutch and Canadian regulators’ landmark collaboration
• Facebook/Samaritans suicide alert plan attracts DPC’s interest

Articles

• The new right to data portability - Anita Bapat, Hunton & Williams
• Things to do to prepare for the new Regulation - Colin Rooney, Arthur Cox
• EU data protection proposals - implications for employment - Steven Lorber, Lewis Silkin
• Consent - the silver bullet? - Victoria Hordern, Field Fisher Waterhouse
• The new Privacy Bill - Fintan Lawlor, Lawlor Partners

November/December 2012
Volume 5, Issue 6

View Front Cover (PDF)

News Items

• Working Party makes it personal in latest Opinion
• Clouds on the horizon as they move up regulatory agenda
• Irish pupils’ records compromised
• Expert claims that public sector needs greater direction on legal implications of cloud computing
• EU DPAs: Google must change privacy policy or else
• Austrian DPA not independent

Articles

• Data protection and employment - Part 6 - Oisin Tobin and Philip Nolan, Mason Hayes & Curran
• Preserving privacy in the age of biometrics - Colin Rooney, Arthur Cox
• The changing face of cloud computing and data protection - Monika Kuschewsky, Van Bael & Bellis
• 'BCRs under the Regulation – reasons to be cheerful? - Sian Rudgard, Field Fisher Waterhouse LLP

September/October 2012
Volume 5, Issue 5

View Front Cover (PDF)

News Items

• DPC pleads poverty as pressure mounts on Ireland
• Vodafone pays out €40,000 over unsolicited marketing calls
• ODPC concludes second privacy audit of Facebook
• Meteor and eMobile spared convictions
• Shatter to revisit Privacy Bill over topless Kate
• EU cloud partnership to be established

Articles

• Data protection and employment - Part 5 - Oisin Tobin & Philip Nolan, Mason, Hayes & Curran
• Challenging times ahead for data processors - Bridget Treacy, Hunton & Williams
• Data Protection Impact Assessments: look before you leap' - Stephanie Pritchett, Pritchetts
• The new rules on using children's data - Anita Bapat, Hunton & Williams

July/August 2012
Volume 5, Issue 4

View Front Cover (PDF)

News Items

• Safe Habor not safe enough, says Working Party
• Existence of legal action does not preclude access requests, says ruling
• Country’s banks under investigation
• Vodafone sued for storing customer’s mobile traffic data
• DPC to determine Facebook’s fate in October

Articles

• Data protection and employment - Part 4 - Oisin Tobin and Philip Nolan, Mason Hayes & Curran
• Tackling data protection in the cloud - Colin Rooney, Arthur Cox
• New EU data protection sanctions — vital shock treatment or another fine mess - Kate Brimsted, Herbert Smith LLP
• The draft Data Protection Regulation — a new era for data processors? - Emma Burnett and Julia Graham, CMS Cameron McKenna LLP

May/June 2012
Volume 5, Issue 3

View Front Cover (PDF)

News Items

• Working Party chimes in on Regulation’s shortcomings
• Brokers say banks abusing customer data
• Levels of state spying reach record high
• ODPC to investigate eight government agencies
• New Opinion on biometric data

Articles

• Data protection and employment - Part 3 - Oisin Tobin and Philip Nolan, Mason Hayes & Curran
• Extra territoriality and international transfers under the proposed Regulation - Richard Jones, Clifford Chance LLP
• The new Data Protection Regulation - further steps on the road towards adoption - Henri de Waele, Radboud University Nijmegen

March./April 2012
Volume 5, Issue 2

View Front Cover (PDF)

News Items

• Public services ID cards to be unleashed on thousands
• Hawkes: ‘we need more resources'
• Household charge data sharing to be in place by the end of March
• Data sharing review group holds its first meeting
• DPC approves use of Binding Corporate Rules
• 69 questions for Google

Articles

• Data protection and employment — Part 2' - Oisin Tobin & Philip Nolan, Mason Hayes & Curran
• Lessons to be learned from the audit of Facebook Ireland' - Mark Rasdale and Kate Gorey, A&L Goodbody
• Implications of replacing the Data Protection Directive with a Regulation — a legal perspective - Henri de Waele, Radboud University, Nijmegen
• Data Protection reform — the French perspective - Thierry Bernard, Quadridge
• The draft Regulation — does every cloud have a silver lining?', by Alexander Brown & Clare Adam, Simmons & Simmons LLP

January/February 2012
Volume 5, Issue 1

View Front Cover (PDF)

News Items

• Regulation foretells tougher times ahead
• City Council under investigation
• Data protection meeting about household charge
• Google policies may be assessed
• Working Party still concerned about PNR draft

Articles

• Criminal Justice Act 2011’s breach reporting provisions - Olivia Mullooly, Arthur Cox
• Data protection and employment - Part 1 - Oisin Tobin & Philip Nolan, Mason Hayes & Curran
• Formalising the role of the DPO - the practical consequences - Bridget Treacy, Hunton & Williams
• The right to be forgotten - the fog finally lifts', by Monika Kuschewsky, Van Bael & Bellis
• Data protection in the gaming industry - Part 2 - James Brunger, Associate Bristows

November/December 2011
Volume 4, Issue 6

View Front Cover (PDF)

News Items

• New guidance for Irish health sector
• New rules on staff monitoring for FSA regulated Irish firms
• Personnel files found dumped in industrial estate
• National Security Agency helps banks with hackers

Articles

• Mandatory data breach reporting - recent developments - Colin Rooney, Arthur Cox
• Money laundering and data protection - where do we stand? - Richard Jones, Clifford Chance
• Data Protection in the gaming industry’ - James Brunger, Amy Cullen and Scott Allardyce, Bristows
• Article 29 Working Party Opinion on Smart Metering - Monika Kuschewsky and Laura De Boel, Associate, Van Bael & Bellis

September/October 2011
Volume 4, Issue 5

View Front Cover (PDF)

News Items

• Online behavioural advertising framework lambasted
• Facebook Ireland Ltd under investigation
• Jobs site notifies users of breach
• Biometric scanners at Dublin airport

Articles

• New rules on cookies - what they say and what omissions from the early draft tell us’ -Philip Nolan and Oisin Tobin, Mason Hayes & Curran/li>
• Clarifying consent - Eduardo Ustaran, Partner and Victoria Hordern, Senior Associate at Field Fisher Waterhouse
• Privacy backlash - freedom campaigners’ fantasy or imminent peril for business? - Peter Carey, Consultant to Charles Russell
• ‘Data protection in India’, by Shamma Iqbal, Associate at Covington & Burling LLP

July/August 2011
Volume 4, Issue 4

View Front Cover (PDF)

News Items

• Council under investigation for data mismanagement
• Mobile phone companies take urgent measures
• Hawkes investigates after eircom customers were sent warning letters in error
• Welfare users to face bank scans?

Articles

• Geolocation services – where does the Article 29 Working Party stand? - Philip Nolan & Oisin Tobin, Mason Hayes & Curran
• Annual Report 2010 – the highlights - Colin Rooney, Arthur Cox
• Whistleblowing – avoiding the hot water when others let off steam - Stephanie Pritchett, Pritchetts

May/June 2011
Volume 4, Issue 3

View Front Cover (PDF)

News Items

• Data breach at Trinity College
• More complaints from concerned employees
• Telecomms companies fined for unlawful marketing

Articles

• Complying with the Data Protection Acts when outsourcing to the cloud - Stephanie Pritchett, Pritchetts
• RFID — the current state of play', by Monika Kuschewsky and Laura De Boel, Van Bael & Bellis
• Book review: 'Cloud Computing - a practical introduction to the legal issues', by Renzo Marchini. ISBN-13: 978-0580703225. By Peter O’Neill, Mason Hayes & Curran

March/April 2011
Volume 4, Issue 2

View Front Cover (PDF)

News Items

• Organisations need to focus on DP awareness
• Recruitment data compromised in website breach
• Working Party approves RFID Framework

Articles

• Cloud computing and data protection - Gary Comiskey, Deloitte
• Guidance from the Article 29 Working Party on the complex issue of applicable law - Colin Rooney, Arthur Cox
• The right to be forgotten: can legislation put the data genie back in the bottle? - Kate Brimsted, Herbert Smith
• Book Review: 'Data Protection: A Practical Guide to Irish and EU Law', Author: Peter Carey, by Adam Finlay, McCann FitzGerald

January/February 2011
Volume 4, Issue 1

View Front Cover (PDF)

News Items

• Hackers get supersized with Honda and McDonalds
• Payment data of Irish farmers withdrawn from public scrutiny
• Data security breach at the White House

Articles

• How long should I keep data for? - Stephanie Pritchett, Pritchetts
• Remember the software! Data protection perils of application testing and development - Peter Carey, Charles Russell
• A new strategy for reform — the EU Data Protection Directive' - Monika Kuschewsky and Laura De Boel, Van Bael & Bellis
• Survey: Consent to the processing of children’s data across the EU - Nicola Fulford, Bristows

November/December 2010
Volume 3, Issue 6

View Front Cover (PDF)

News Items

• Major breach of 1,500 patient records at HSE
• European Commission to take Austria to court
• Facebook apps breaching its own rules

Articles

• The Data Breach Code of Practice: Developments on Breach Notification Requirements - Colin Rooney, Associate at Arthur Cox
• Redefining “personal data” — can the opinion live up to the hype? - Dan Cooper, of Covington & Burling LLP
• Working Party Opinion on principle of accountability — new obligations for data controllers or old wine in new bottles? - Monika Kuschewsky, Partner at Van Bael & Bellis
• Data Protection Breach forces European Commission to reconsider data transfers with Israel - Ciaran Ward, Information Officer at Lee Valley Regional Park Authority

September/October 2010
Volume 3, Issue 5

View Front Cover (PDF)

News Items

• Germany approves law banning employers from networking sites
• Facebook introduces new location revealing service
• CAO targeted by cyber attackers

Articles

• Data protection and direct marketing - Part 3 - Adam Finlay, Solicitor at McCann FitzGerald
• Online behavioural advertising — is the Working Party Opinion the beginning of the end? - Monika Kuschewsky, Partner at Van Bael & Bellis
• Location based services — a review of the regulatory framework - James Brunger, Solicitor at Bristows

July/August 2010
Volume 3, Issue 4

View Front Cover (PDF)

News Items

• Irish MP calls for changes to Privacy Bill
• Terror data handover deal redrafted
• German minister tells Apple to open up to German DPAs

Articles

• Mandatory breach reporting in Ireland', by Colin Rooney, Partner at Arthur Cox
• Data protection and direct marketing — Part 2', by Adam Finlay, Solicitor at McCann FitzGerald
• International corruption and data protection', by Bret Campbell, Cadwalader, Wickersham & Taft LLP and Peter Carey, Charles Russell

May/June 2009
Volume 3, Issue 3

View Front Cover (PDF)

News Items

• DPC launches Annual Report
• IP addresses are personal, says FTC Chairman
• Russian hacker selling Facebook accounts

Articles

• Three strikes and data protection is out - Partners at Arthur Cox, Conor McDonnell and Rob Corbet, and Trainee Solicitor, Colm Bellew
• Data protection and direct marketing — Part 1 - Annette Orange, Partner at McCann FitzGerald Solicitors
• Working Party confirms ‘controller’ and ‘processor’ distinction - Bridget Treacy, Partner at Hunton & Williams

March/April 2010
Volume 3, Issue 2

View Front Cover (PDF)

News Items

• Travel company goes bust, losing data of 90,000 in process
• German ruling spells challenges ahead for Ireland?
• DPC in talks over ID cards

Articles

• Nothing to declare but… my iris? - Yvonne Cunnane, Matheson Ormsby Prentice
• Data protection in the public sector — lessons from the Revenue Audit - Cian Blackwell, Business Risk Services at Grant Thornton
• Data protection and the investigation of offences — are they compatible? - Rob Corbet, Arthur Cox

January/February 2010
Volume 3, Issue 1

View Front Cover (PDF)

News Items

• Hawkes says global standards for internet privacy a must
• DPC recommends diverse range of measures
• Working Party declares Israel and Andorra ‘adequate’

Articles

• What is the best way forward for mandatory breach notification? - Annette Orange and Moya Moore at McCann FitzGerald
• New EU cookie rule - a practical way forward - Eduardo Ustaran at Field Fisher Waterhouse
• Anonymisation and pseudo-anonymisation of personal data - Nick Graham and Sean Crowley at Denton Wilde Sapte
• US online behavioural advertising - the changing landscape' by Julie O’Neill at Morrison & Foerster

November/December 2009
Volume 2, Issue 6

View Front Cover (PDF)

News Items

• Political furore over new email monitoring code
• Ireland “modest” with spammers
• 1 in 5 Irish business experience data leak
• Review Group’s consultation closes

Articles

• The interaction of data protection and FOI law in Ireland - Colin Rooney at Arthur Cox
• Using ISO 27001 to develop a security awareness program - Brian Honan, Director at BH Consulting
• CI DSS compliance — meeting the requirements - Cian Blackwell and Mark Gahan, Manager at Grant Thornton

September/October 2009
Volume 2, Issue 5

View Front Cover (PDF)

News Items

• Property prices should be published in categories, says Hawkes
• AIB warns of online scamming
• Google to address Swiss concerns

Articles

• Data Protection and cloud computing - Paul Lavery at McCann FitzGerald
• Standard contractual clauses for data transfers outside of the EEA - Rob Corbet and Úna Ní Mhurchú, at Arthur Cox
• Security breach notification in Europe' by Kristof Van Quathem at Covington & Burling LLP

July/August 2009
Volume 2, Issue 4

View Front Cover (PDF)

News Items

• Communications (Retention of Data) Bill 2009 published
• HSE to centralize all medical data
• US seek to delay UBS action
• Expected growth in cloud computing

Articles

• The Commissioner’s Annual Report - selected highlights - Paul Lavery, McCann Fitzgerald Solicitors
• Recent prosecutions in the mobile text marketing sector - Data Protection Ireland
• Unsolicited marketing — has risking noncompliance become a high-risk strategy? - Annette Orange, McCann Fitzgerald Solicitors

May/June 2009
Volume 2, Issue 3

View Front Cover (PDF)

News Items

• Data breach notification - mandatory by 2012
• Privacy notices work best in tables
• Farmers’ EU grant payments made public
• France authorises surveillance of piracy violators

Articles

• Using IT to support compliance with four key Rules - Gary Comiskey, Senior Manager at Enterprise Risk Services at Deloitte
• US pre-trial discovery - reconciled with European data protection law - Monika Kuschewsky, Partner at Van Bael & Bellis
• Cloud computing - data protection concerns unwrapped - Bridget Treacy, Partner at Hunton & Williams
• Dirty work - criminal aspects of bin trawling - Ashley Roughton, Hogarth Chambers and Dy'ann Heward-Mills, Linklaters

March/April 2009
Volume 2, Issue 2

View Front Cover (PDF)

News Items

• Chrome victorious in browser hacking war
• Commissioner advises job seekers
• Starbucks in class action suit
• Law firm recruited to review online services framework

Articles

• Strategies for navigating the data breach minefield - Bridget Treacy, Hunton & Williams
• Is it time to pay up for Telcos and ISP’s? - Philip Nolan and Peter O’Neill, Mason Hayes & Curran
• Power to fine research' by PDP News team

January/February 2009
Volume 2, Issue 1

View Front Cover (PDF)

News Items

• Ireland to follow suit in police home hacking?
• Firms urged to delete data
• Taoiseach takes Commissioner to court
• Help to avoid cyber-attacks

Articles

• New series: How to...stay out of the news - Sinead Ovenden, Director of Regulatory Compliance at Deloitte
• Whistleblower hotlines and data protection - Richard Jones at Clifford Chance LLP, and Josephine Warren at BBC World News)
• Data security - compliance and controls - Paul C Dwyer, CEO at TeamInfoSec
• DPO survey - the results - Staggering absence of data protection officers, 'DPO survey - the results' - news team at Data Protection Ireland)

November/December 2008
Volume 1, Issue 6

View Front Cover (PDF)

Articles

• Cross border bodies - when and to whom does the obligation to notify arise? - Marie Anderson, Solicitor at McManus Kearney
• Dealing with staff data breaches - employment specialist Gabriella Wright
• How to combat identity theft in the corporate world - an essential guide - Peter Wood, Chief of Operations at First Base Technologies
• Tapping affair establishes new privacy right' - Rob Corbet and Claire Walsh at Arthur Cox

September/October 2008
Volume 1, Issue 5

View Front Cover (PDF) 

Articles

• Child Protection and Social Networking - Annette Orange at McCann FitzGerald Solicitors
• The devil and the deep blue sea - US & EU discussions on sharing personal data - Richard Jones, Director of Data Privacy at Clifford Chance LLP
• Data security obligations - under scrutiny once again - Anne-Marie Bohan, Matheson Ormsby Prentice)

July/Aug 2008
Volume 1, Issue 4

View Front Cover (PDF) 

Articles

• A practical approach to data protection challenges and compliance - Liam McKenna, Senior Manager at PricewaterhouseCoopers
• Need to know” access in the workplace - The Office of the Data Protection Commissioner
• MySpace or yours? Data privacy and social networking - Annette Orange at McCann FitzGerald Solicitors
• Safe Harbor, Safe Hands' - Mark Watts, Partner at Bristows

January/February 2001
Volume 1, Issue 3

Articles

• Data security breaches by Don McAleese, Head of Information Technology Law Group at Matheson Ormsby Prentice in Dublin
• The Ultimate Guide to data protection, Part III - Catrin Prys-Williams, Accenture in Dublin
• Online behavioural advertising guidelines to be issued in the US - Julie O’Neill, from US firm Kelley Drye Collier Shannon

March/April 2008
Volume 1, Issue 2

Articles

• Irish law enforcement - data privacy issues - Professor Robert Clark, Arthur Cox
• The Ultimate Guide to data protection, Part II - Catrin Prys-Williams, Accenture in Dublin
• Outsourcing - data protection consideration - Annette Orange, McCann FitzGerald

January/February 2008
Volume 1, Issue 1

Articles

• The Office of the Data Protection Commissioner in 2008 - Billy Hawkes, the Data Protection Commissioner
• The Ultimate Guide to data protection, Part I - Catrin Prys-Williams, Accenture in Dublin
• Medical data - the latest thinking - Annette Orange, McCann FitzGerald