On 9 November 2023, the Court of Justice of the European Union (CJEU) held that an EU Member State may not subject an information society service provider (ISSP) established in another EU Member State to general and abstract regulatory measures that deviate from measures of the Member State in which the ISSP is established (C‑376/22). In doing so, it declared the Austrian Communication Platforms Act and, by implication, many other national online platform regulations, inapplicable…
28 January 2023 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2023, Baker McKenzie’s Global Data Privacy and Security Team is pleased to present this special edition update of key data protection and privacy developments and trends across the globe, as well summarising future legislative changes, predictions, and enforcement priorities to look out for during 2023.…
The 25 May 2021 marks the third anniversary of the GDPR coming into force. As we have moved from preparation for the GDPR to business as usual compliance with the GDPR, regulators have focused on various issues in different jurisdictions. Although we are now three years into compliance with the GDPR being part of our day to day operations, it is clear that interpretation and expectations regarding compliance from the courts and regulators continue to…
Joining host Brian Hengesbaugh this episode is Dr. Lukas Feiler, a partner in Baker McKenzie’s Vienna office. Brian and Lukas discuss breach notification in Austria under the European Union’s General Data Protection Regulation (GDPR). Specifically, how to deal with the 72-hour requirement and some of the related strategic decisions. In this episode, you will learn about: What happens when Austrian data protection authorities follow up on a data breach notificationWhether having a “file early, file…