Privacy Flash - 2016 issues

All 2016 privacy newsletters at your fingertips

Privacy is becoming increasingly important to everyday business. Legal developments and regulators’ increasing attention to privacy are two of the key drivers behind this. The aim of the Privacy Flash is to provide monthly updates on global regulatory developments, as well as relevant news and information on upcoming events in the field of data protection and privacy.

Highlights of issue 17 (December 2016)

  • Russia blocks LinkedIn after non-compliance with data localisation requirement
  • UK Investigatory Powers Bill enters into force
  • Class actions for data protection become possible in France
  • Argentina introduces its proper set of Standard Contractual Clauses
  • German draft GDPR implementation law published; Angela Merkel’s call for a more ‘business-friendly’ German data protection law
  • European Parliament green light to the EU-US data protection Umbrella Agreement
  • Facebook temporarily paused using users’ data from WhatsApp
  • CNIL shares results of GDPR public consultation
  • UK to implement GDPR regardless of Brexit. ICO highlights future guidance of the Article 29 WP on the GDPR
  • Enforcement
  • Conferences
Privacy Flash Issue 17

Highlights of issue 16 (November 2016)

  • Privacy Shield challenged by Irish and French advocacy groups
  • ICO publishes code of practice to stimulate companies’ transparency
  • CNIL shares results on Internet sweep on connected devices
  • Hungarian DPA shares 12-step guide to comply with the GDPR
  • EDPS publishes two opinions on Big Data and Personal Information Management Systems
  • Article 29 WP shares conclusions from the Fablab discussions
  • Brexit might not affect data protection law in the UK
  • The Court of Justice of the European Union declares dynamic IP addresses to be personal data in Breyer decision
  • Yahoo-case might become test-case for the US Security and Exchange Commission
  • Article 29 WP letters to Yahoo and WhatsApp on possible data protection violations
  • Enforcement
  • Conferences
Privacy Flash Issue 16

Highlights of issue 15 (October 2016)

  • DPAs comment on Privacy Shield
  • EU ePrivacy Directive under review
  • Russian data localisation update
  • WhatsApp’s sharing of user personal data with Facebook under EU DPAs scrutiny
  • Belgian State Secretary for Privacy intends strengthening of DPA
  • Belgian DPA issues 13 steps to comply with the GDPR
  • South Africa nominates data protection regulator
  • The Philippines finalise implementing rules to the Data Privacy Act
  • State of New York proposes Cybersecurity regulation for financial institutions
  • Draft agreement between Canada and the EU on the transfer of passenger name record (PNR) data under fire
  • Enforcement
  • Conferences
Privacy Flash Issue 15

Highlights of issue 14 (July 2016)

  • EU-US Privacy: Privacy Shield adopted
  • Hamburg DPA fines three companies over Safe Harbor
  • Brexit creates questions over privacy rules
  • Advocate General of the European Court of Justice issues opinion in Amazon case
  • EDPS launches accountability initiative
  • Umbrella agreement on law enforcement cooperation
  • Bavarian DPA provides further guidance on GDPR
  • Belgian DPA publishes 2015 annual report
  • Irish DPA intends to challenge model clauses
  • Belgian Court of Appeal lifts restrictions on Facebook’s data collection
  • Mauritius joins Convention 108
  • Recent breaches and enforcement actions
  • Forthcoming interesting events
Privacy Flash Issue 14

Highlights of issue 13 (June 2016)

  • General Data Protection Regulation
  • NIS Directive adopted by the EU Council
  • International Data Transfer mechanisms in limbo
  • French Data Protection Authority issues 2016 inspections program topics
  • Supreme Court ruling in Spokeo v. Robins
  • “IP addresses are personal data”
  • Belgian court rules on right to be forgotten
  • New data retention law in Belgium
  • New Secretary of State for privacy appointed in Belgium
  • Recent breaches and enforcement actions
  • Forthcoming interesting events
Privacy Flash Issue 13

Highlights of issue 12 (May 2016)

  • European Data Protection Reform: European Parliament formally adopts the GDPR
  • EU-US Privacy Shield: Art. 29 WP issues opinion on the EU-US Privacy Shield
  • E-Privacy Directive
  • Turkey adopted law on the protection of personal data
  • 2016 global privacy sweep initiative
  • New Information Commissioner in UK
  • Dutch DPA prohibits employers to process employee data collected through wearables
  • Dutch DPA accepted BREIN’s processing of personal data for IP infringement by BitTorrent users
  • Dutch DPA publishes policy on data of sick employees
  • Italian DPA publishes new manual on privacy and debt collection
  • EDPS guidance on information security risk management
  • EDPS: Case law overview
  • European Parliament refuses to vote on PNR
  • Right to be forgotten requests to be directed to Google Inc., not Google Spain
  • Binding Corporate Rules of Starwood Hotels and Resorts approved
  • Recent breaches and enforcement actions
  • Forthcoming interesting events
Privacy Flash Issue 12

Highlights of issue 11 (March 2016)

  • GDPR - Next steps: Formal adoption by Council and EP
  • GDPR action plan of Article 29 Working Party
  • France plans to adopt GDPR elements before 2018
  • German consumer protection organisations get class action powers for data protection violations
  • Judicial Redress Act signed by President Obama
  • European Commission publishes legal texts on the EU-US Privacy Shield
  • Facebook battle expands into France
  • Google expands right-to-be-forgotten rule
  • Recent breaches and enforcement actions
  • Forthcoming interesting events
Privacy Flash Issue 11

Highlights of issue 10 (February 2016)

  • EU-US Privacy Shield: EU and US reach an agreement on new transatlantic data transfer framework
  • US Congress passes Judicial Redress Act
  • European Member States anticipate privacy changes
  • European Court Of Human Rights rules on employee monitoring
  • European Parliament votes on NIS Directive
  • Facebook appeals Belgian court order to stop tracking non-account holders; the CNIL follows Belgian DPA
  • European Watchdog publishes working programme for 2016
  • Russia’s “right to be forgotten” law enters into force
  • Taiwan amends Personal Data Protection Law
  • Recent breaches and enforcement actions
  • Forthcoming interesting events
Privacy Flash Issue 10

Highlights of issue 9 (January 2016)

  • GDPR: EU agrees on General Data Protection Regulation
  • Agreement reached on new Network Information Security Directive (NIS)
  • Provisional agreement on EU Passenger Name Record proposal (PNR)
  • US passes Cybersecurity Information Sharing Act; delays Judicial Redress Act; Safe Harbor 2.0 negotiations
  • Belgian court ordered Facebook to stop tracking internet users who do not have a Facebook account
  • Dutch DPA issues guidelines on data breach notification
  • Recent breaches and enforcement actions
  • Forthcoming interesting events
Privacy Flash Issue 9

Privacy Flashes 2015

Are you looking for information issued in one of our previous Privacy Flashes?

All newsletters issued in 2015 remain available via our 2015 Privacy Flashes archive.


Contact us

For additional information, to subscribe, unsubscribe or to suggest improvements to the Privacy Flash, please email

Did you find this useful?