General Data Protection Regulation

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

Earlier this week, the UK Information Commissioner’s Office (ICO) announced its intent to fine British Airways £183,390 million ($230 million) and its intent to fine Marriott International more than £99 million ($123 million) for violations of the General Data Protection Regulation (GDPR) arising out of data breaches. The ICO investigated the breaches as the lead

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

The new General Data Protection Regulation (GDPR) (Regulation 2016/69, Apr. 27, 2016), approved by the European Parliament and the Council of the European Union, was formally published in the Official Journal of the European Union on May 4, 2016, and will replace the Data Protection Directive (Directive 95/46/EC) effective May 28, 2018. This

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

On December 15, 2015, the European Commission announced that an agreement has been reached with the European Parliament and the Council (the “trilogue” meetings) regarding the Commission’s sweeping 2012 EU Data Protection Reform proposal.  The reform package, which consists of a General Data Protection Regulation and a Data Protection Directive for Police and Criminal