“The next big financial shock will arise from a succession of cyber-attacks on financial services firms.”
This is the case according to the Chairman of the International Organisation of Securities Commission as cited by the Central Bank of Ireland’s Deputy Governor, Cyril Roux, during a recent address to the Society of Actuaries.
Continue Reading Cyber Security – The Next Big Financial Shock
Model Contracts are standard contractual clauses for the transfer of personal data outside the EU/EEA which have been approved by the European Commission. They have been approved on the basis that they provide sufficient safeguards for privacy, fundamental rights and the exercise of those rights. To date two sets of standard contractual clauses for the transfer of personal data outside the EU/EEA from data controllers to data controllers and one set for transfers from data controllers to data processors have been approved by the Commission.Continue Reading Transfer Tools Post Schrems: EU Data Protection Authorities’ Common Position on Model Contacts
The Office of the Data Protection Commissioner is to get a €1.2m increase in funding for 2016. Minister for European Affairs and Data Protection, Dara Murphy announced the measure, under Budget 2016, and said that the increased resources are bring provided to "ensure that Ireland continues to have an excellent regulatory and enforcement regime for data protection, and that we are fully equipped to adapt to the ever-increasing pace of change in the digital economy".Continue Reading Government announces €1.2m increase in funding for the Office of the Data Protection Commissioner
As has been reported widely in the world media, the Court of Justice of the European Union (CJEU) this week declared the EU-US Safe Harbour regime to be invalid. The decision has understandably given rise to a lot of concern among European businesses that transfer data to the US.
In this blog post, we seek to answer the main questions that are being asked following the CJEU ruling. Continue Reading Data in Disarray: The Aftermath of the Safe Harbour Decision
The Court of Justice of the European Union (CJEU) has today declared that the Commission Decision 2000/520/EC (the Safe Harbour Decision) is invalid. This means that companies can no longer rely on Safe Harbour certification in order to legitimise the transfer of personal data from the EU to the US. Impacted companies will need to put alternative arrangements in place immediately to legitimise their transfers of personal data to the US, such as the Model Contractual Clauses or Binding Corporate Rules (BCRs).
The decision also means that the Data Protection Commissioner (the DPC) must now examine Mr Schrems’ complaint and decide whether, pursuant to the Data Protection Directive 95/46/EC, transfer of the data of Facebook’s European subscribers to the US should be suspended on the ground that that country does not afford an adequate level of protection of personal data. Continue Reading CJEU declares Safe Harbour invalid
The Advocate General, Yves Bot, of the Court of Justice of the European Union (CJEU) last week delivered his opinion in the Maximillian Schrems v Data Protection Commissioner Case, C‑362/14 (the Opinion). The Opinion, which is advisory in nature, recommends that the Safe Harbour programme be invalidated and that the Irish Data Protection Commissioner (the DPC) be empowered to carry out a full investigation as to the adequacy of protection afforded to the personal data of Facebook’s EU users. Continue Reading Safe Harbour in Danger?
The Office of the Data Protection Commissioner (ODPC) participated in the third Global Privacy Enforcement Network (GPEN) Privacy “Sweep” (the Sweep) which took place between 11th and 15th May 2015. The aim of the Sweep was to examine the data privacy practices of websites and apps aimed at or popular among children.Continue Reading GPEN Privacy Sweep 2015 raises Concerns over Children’s Apps
On 14 September 2015, Minister of State for International Financial Services Simon Harris TD launched the FPAI, a new trade association founded to further the interests of stakeholders involved in the rapidly evolving Irish FinTech sector.
FinTech (financial technology) is the term used to describe any technology applied to financial services. Across the broad spectrum of FinTech products available, everyday examples include mobile banking, peer to peer lending, digital currency (e.g. Bitcoin), crowdfunding (e.g. Kickstarter) and online payments systems (e.g. Stripe). Continue Reading Minister for International Financial Services launches FinTech and Payments Association of Ireland (FPAI)
European Union negotiations with the US government for an international data protection framework agreement in the law enforcement area have been finalised. The "Umbrella Agreement" provides that personal data transferred between EU and US law enforcement authorities, such as names, addresses, and criminal records, can only be shared for the purpose of prevention, detection, investigation and prosecution of criminal offences, including terrorism. It must not be used for further incompatible purposes. In cases where a US authority intends to transfer the data further, to a third country or international organisation, it will first have to obtain the consent of the law enforcement authority in the EU which originally transferred the data to the US.Continue Reading EU-US Umbrella Agreement finalised
The Irish High Court has issued a significant decision in Aldi Stores (Ireland) Limited & anor v- Dunnes Stores (No.2) [2015] IEHC 551holding that a plaintiff is entitled as of right to an injunction where a trade mark is infringed in the course of a comparative advertising campaign even where the advertising campaign in question has ended. The defendant has indicated that it will be appealing the finding of liability made by the court. Continue Reading High Court grants injunction prohibiting further trade mark infringement in relation to advertising campaign which has ended.
