On 13 February 2019, the data protection officer for the German state of Baden-Wuerttemberg published a guideline on password security under the EU General Data Protection Regulation (GDPR). The guideline aims to advise data controllers (e.g., service providers, administrators) on how to set up effective password policies and securely store passwords, and data subjects (users) on how to choose secure passwords.
Continue Reading

According to recent press reports, since the EU General Data protection Regulation (GDPR) came into force in May 2018, German data protection authorities have issued 41 GDPR-related fines. The highest fine in a single case is reported to have been EUR 80,000, and the majority of fines (33) originated from the state of North-Rhine Westphalia.
Continue Reading

On 12 February 2019, the European Data Protection Board (EDPB) adopted an information note “on data transfers under the GDPR in the event of a no-deal Brexit.” According to the note, as of 30 March 2019, transfers of personal data from the European Economic Area (EEA) to the UK must be based either on Standard or ad hoc Data Protection Clauses, Binding Corporate Rules, Codes of Conduct, Certification Mechanisms or Derogations.
Continue Reading

Regulation (EU) 2019/5, which was published a few days ago in the Official Journal of the European Union, amends the EU pharmaceutical legal framework by firstly complementing new Regulation 2019/6 on veterinary products that repeals Directive 2001/82/EC on veterinary medicinal products and incorporating the provisions on veterinary products contained in Regulation 726/2004 (in particular, Articles 30 to 45), thereby
Continue Reading

On 23 January 2019, the European Commission (the “EU Commission”) authorized the free flow of personal data to Japan. This “adequacy decision,” issued jointly with a mirroring decision by the Japanese government, allows personal data to transfer between the European Union (the “EU”) and Japan freely and under strong guarantees of protection. The outcome of lengthy negotiations resulting in Japan strengthening its privacy rules to follow EU standards,
Continue Reading

The year 2018 is coming to a close. Among other things, it has brought us a new FIFA world champion, royal weddings and some other joyful things like the EU General Data Protection Regulation (GDPR). The latter could arguably cool one’s Holiday spirit—at least in some cases. For example, reportedly, the annual wish list campaign of the City of Roth, Germany, was intitally cancelled due
Continue Reading

A political agreement was reached between the European Parliament, the Council of the European Union (EU) and the European Commission on the EU Cybersecurity Act (Act) and announced on December 10, 2018. The pace of the adoption of the Act (with less than three months of discussions among the EU institutions) confirms that cybersecurity is high on the EU political agenda.
Continue Reading

Although the EU General Data Protection Regulation (the “GDPR”) entered into force on 25 May 2018, and the obligations under the GDPR have since taken effect, there remain significant uncertainties as regards enforcement. In particular, the application of the GDPR’s fining provisions – arguably the key concern for companies commercially – raises several issues,
Continue Reading

On 13 November 2018, the Court of Justice of the European Union (CJEU) ruled that the taste of a food product could not be classified as a ”work” within the meaning of Directive 2001/29/EC and that national member state legislation could not be interpreted differently (Case C-310/17). While the CJEU did not deny the copyrightability of tastes in principle, it
Continue Reading

The UK government has published a series of four technical notices on intellectual property in the event of the UK leaving the EU on 29 March 2019 without an agreement (a ‘no deal Brexit’).  The technical notices were published on 24 September 2018 and cover: Trade marks and designs; Patents; Copyright; and Exhaustion of intellectual property rights. The notices set out the UK government’s
Continue Reading