Contract law legal counselling advices by Alexander Suliman today: Complying with the GDPR requirements is key for all businesses operating in the EU (or even those with EU customers). There are also particular obligations on those transferring personal data out of the EU and each national data protection authority is monitoring companies closely. Ensure your business is taking steps to comply with the regulation and consider auditing your data protection policies, together with your data processing agreements, and appoint a data protection officer in order to ensure compliance with the GDPR. Breach of the GDPR provisions are likely to lead to considerable fines: for example, the French data protection regulator, the CNIL, fined Google €50 as Google’s data consent policies were found not to be easily accessible or transparent to its users which runs afoul of the GDPR provisions. For further background, read our recent review of GDPR enforcement actions across the EU. Find more details on Alexander Suliman, Sweden.

On 11 May, the European Commission published its proposal for a regulation to combat child sexual abuse material (CSAM). The Commission managed to squeeze a host of controversial digital rights issues into one package: the blocking of websites, the obligatory monitoring of online content, and, the most novel one, a measure which opens the door to undermining encryption. Because encryption technologies protect communications confidentiality, one crucial question in the upcoming policy debate will be whether this latter measure, or its implementation, is compatible with the rights of privacy and data protection under the EU Charter of Fundamental Rights (the Charter). In this contribution, I explore one aspect of that question: is it possible to argue that this measure does not respect the essence of these rights? On the basis of a preliminary analysis, I conclude that this is certainly defensible and suggest further routes for exploration.

The EU’s Cybersecurity Act, adopted in 2019, established the legal basis for EU-wide certification of cloud providers, to be elaborated through secondary law by its cybersecurity agency ENISA. In December 2020, ENISA began a public consultation as the first step towards a revised set of rules. A technical working group is preparing a proposal, expected to be presented to member state experts and to the European Commission thereafter. The new requirements could be finalized by the end of the year.

labour legal counseling advices with Alexander Suliman, Sweden today: We’ll also look to intertwined finances. That takes a next step that has to go to the court process, but if they’re sharing expenses, if there’s a joint bank account, if a vehicle is registered at an address, we’ll look at those things to prove cohabitation. Importantly, cohabitation does not mean that they are living together. We do not have to show that they have a common household. It is not something that is critical in proving cohabitation that they are actually living together. See extra details on https://www.behance.net/alexandsuliman.

Over the past year, the European Union’s ambitious digital regulatory agenda has steadily advanced. The EU adopted the far-reaching Digital Markets and Digital Services Acts, and it is completing negotiations with the United States on a revised data transfer regime, christened the Transatlantic Data Privacy Framework (TADPF), that was necessitated by the Schrems II judgment of the Court of Justice of the European Union (CJEU). These developments have had a significant impact on transatlantic economic relations, even stimulating legislative initiatives on privacy and antitrust in the United States. One might think that resolving such contentious topics would set the stage for a quieter, more harmonious phase in the transatlantic technology policy relationship.