February 15, 2019, Inside Privacy

On February 12, 2019, the European Data Protection Board (“EDPB”) published two information notes to highlight the impact of a so-called “No-deal Brexit” on data transfers under the EU General Data Protection Regulation (“GDPR”), as well as the impact on organizations that have selected the UK Information Commissioner (“ICO”) as their “lead supervisory ...

December 20, 2018, Inside Privacy

On December 13, 2018, the Information Commissioner’s Office (“ICO”) in the United Kingdom issued guidance on the state of UK data protection law should the country leave the European Union (“EU”) without having reached an agreement on the terms of its withdrawal.  Much of this latest guidance is consistent with the ICO’s earlier guidance on...… Continue Reading

November 14, 2018, Inside Privacy

On November 6, 2018, the French data protection authority (the “CNIL”) published a report that discusses some of the questions raised by the use of blockchain technology and perceived tensions between it and foundational principles found in the General Data Protection Regulation (the “GDPR”).  As we noted in an earlier blog post on this topic,...… Continue ...

October 17, 2018, The Law Society Gazette

Daniel Cooper spoke with The Law Society Gazette regarding a UK Court of Appeal decision that could make employers vicariously liable for employees’ actions even if they had taken preventative steps and bore no criminal responsibility.   Mr. Cooper said the employer should bear the enterprise risk and assume liability for the actions of its employees, as long as ...

October 10, 2018, Law360

July 24, 2018, Inside Privacy

Blockchain technology has the potential to revolutionise many industries; it has been said that “blockchain will do to the financial system what the internet did to media”.  Its most famous use is its role as the architecture of the cryptocurrency Bitcoin, however it has many other potential uses in the financial sector, for instance in...… Continue Reading

May 25, 2018, Inside Privacy

The much discussed and long-awaited General Data Protection Regulation (“GDPR”) applies from today, May 25, 2018.  It will update and harmonize data protection laws across the EU, and sets out comprehensive rules in relation to personal data handling, as well as the rights of individuals over their personal data. It is unclear how aggressively the...… Continue ...

May 25, 2018, Inside Privacy

Having received Royal Assent on May 23, 2018, the UK Data Protection Bill is now an Act of Parliament. The Data Protection Act 2018 (the “Act”) implements the General Data Protection Regulation (“GDPR”) and replaces the UK Data Protection Act 1998. Notable provisions that make use of the ability of Member States to implement different...… Continue Reading

March 2, 2018, Chartered Management Institute

Daniel Cooper is quoted in a Chartered Management Institute article regarding wearable technology. Providing the legal perspective, Cooper says, "Any employer processing personal information is subject to a range of obligations–this includes making sure they’re very transparent about what they collect, ensuring they have a legal basis for processing that data. ...

January 30, 2018, Inside Privacy

By Dan Cooper, Joseph Jones, and Ruth Scoles Mitchell On January 25, 2018, the Court of Justice of the European Union (“CJEU”) handed down a ruling permitting consumer privacy actions to be brought in the consumer’s home jurisdiction — as opposed to the jurisdiction in which the defendant data controller has its main establishment —...… Continue Reading

September 18, 2017, Covington Alert

Last week, in his annual State of the European Union Address, the President of the European Commission Jean-Claude Juncker called out cybersecurity as a key priority for the European Union in the year ahead. In terms of ranking those priorities, President Juncker placed tackling cyber threats just one place below the EU leading the fight against climate change, ...

August 31, 2017, Covington Alert

On August 31, 2017, China’s National Information Security Standardization Technical Committee (“NISSTC”), a standard-setting committee jointly supervised by the Standardization Administration of China (“SAC”) and the Cyberspace Administration of China (“CAC”), released an updated draft of the Information Security Technology - Guidelines for Data Cross-Border ...

July 4, 2017, Inside Privacy

By Dan Cooper and Rosie Klement The EU’s Article 29 Working Party (“WP29”) has issued new guidance on data processing in the employment context.  Adopted on June 8, 2017, the guidance primarily takes account of the existing data protection framework under the EU Data Protection Directive (Directive 95/46/EC), but also considers the developments coming into ...

May 24, 2017, Covington Alert

On May 25, 2018, employers located or with staff in the European Union (“EU”) will have to comply with a new data protection law—Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data—commonly referred to as the General Data Protection Regulation (“GDPR”). This will ...

May 19, 2017, Covington Alert

On May 19, 2017, the Cyberspace Administration of China (“CAC”) invited international stakeholders to attend a seminar to discuss an updated version of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Measures”). Given that the Measures have an intended effective date of June 1, 2017, it is likely ...

April 12, 2017, Covington Alert

On April 11, 2017, the Cyberspace Administration of China (“CAC”) released a draft of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Draft Measures”) for public comment (official Chinese version available here; Covington’s translation of the Draft Measures is appended at the end of this alert).

March 30, 2017, Business Forums International Ltd.

March 10, 2017, Inside Privacy

On March 9, 2017, the Court of Justice of the EU (“CJEU”) handed down a ruling limiting the reach of its prior “right to be forgotten” jurisprudence, by holding that the right does not prevail over society’s interest in access to official public records of company details required by law. In its famous Costeja/Google Spain ruling,...… Continue Reading

March 8, 2017, Inside Privacy

By Dan Cooper and Rosie Klement On March 2, 2017, the Information Commissioner’s Office (“ICO”) released draft guidance for UK organizations on how the notion of consent will be interpreted and applied when the General Data Protection Regulation (“GDPR”) comes into force in May 2018. The ICO is currently engaging in a public consultation on...… Continue Reading

February 15, 2017, Webinar

December 15, 2016, CCT News

Daniel Cooper is quoted by CCT News in an article regarding the use of wearable technology in the workplace. According to Cooper, the use of wearable devices is a good way, especially for insurers.  However, the wearers’ privacy must be taken care of as well as their legitimate treatment concerns.

November 21, 2016, Financial Times

Daniel Cooper is quoted in a Financial Times article regarding wearable technology in the workplace. According to Cooper, not everyone will welcome sharing intimate personal information with the boss, however. “Wearable devices could be a good way for insurers to get the data . . . but it’s essential to address wearers’ privacy and fair treatment concerns and ...

July 14, 2016, Covington Alert

At a joint press conference on July 12, 2016 in Brussels, EU Commissioner for Justice, Consumers and Gender Equality, Věra Jourová and the U.S. Secretary of Commerce, Penny Pritzker, presented the Privacy Shield (see Press Release here, Adequacy Decision text here, Annexes here, Communication here, and Q&A factsheet here). The press conference followed the ...

July 2016, BNA’s World Data Protection Report

April 12, 2016, Law360

March 24, 2016, The Wall Street Journal

Daniel Cooper is quoted in The Wall Street Journal’s “Morning Risk Report” discussing how companies should best comply with global data protection regulations. Commenting on the binding corporate rule process, Cooper said,“The one thing we know about binding corporate rules is [they tend] to have more appeal to European regulators.” He continues, “For a lot of ...

February 5, 2016, LexisNexis

December 21, 2015, Covington Alert

On December 15, the EU institutions finally agreed the text of the new EU data protection law, the General Data Protection Regulation (“GDPR”), completing a process that began in January 2012. The LIBE committee has published the consolidated version of the GDPR text. The GDPR heralds a new era of data protection. It replaces the existing data protection ...

November 24, 2015, The Register

Dan Cooper is quoted by The Register in an article discussing the uncertainty and complications continuing to surround the Schrems decision that derailed Safe Harbour. Cooper stated that his business clients were both “surprise[d] and shock[ed]” by the European Court’s decision. “Businesses felt like the rug had been pulled out from under them,” said Cooper. ...

October 6, 2015, Covington Alert

October 6, 2015, Al Jazeera

Dan Cooper appeared on the show to discuss the implications of the ECJ Schrems judgment.

7/27/2015-7/31/2015, The Hague Academy of International Law 2015 Session

July 1, 2015, Webinar

June 8, 2015, Financial Times

Covington's Daniel Cooper is quoted regarding the legal implications of wearables in the workplace: “Historically European regulators in the data protection area have been very sceptical you can ever get a valid employee consent — they feel that for existing employees, [the relationship] is almost inherently coercive.”

June 1, 2015, Global Trade & Regulatory Compliance Summit

May 13, 2015, Life Sciences Essentials Webinar Series

May 7, 2015, International Data Exports – EU-US Data Transfers

May 4, 2015, Global Benefits Forum

November 13, 2014, 9th Annual Data Protection Practical Compliance Conference

October 10, 2014, 13th Annual Data Protection Compliance Conference

August 5, 2014

LONDON, 5 August, 2014 — Covington & Burling advised Illumina on its partnership with Genomics England to provide infrastructure and expertise for a four-year project that aims to make the UK the world leader in genetic research into cancer and rare diseases, through funding research to decode 100,000 human genomes - a patient's personal DNA code. The deal is ...

April 24, 2014, Inside EU Life Sciences

This post was originally published on our sister blog Inside Privacy On April 10, 2014, the Article 29 Working Party adopted an Opinion on anonymization techniques.  The Working Party accepts that anonymization techniques can help individuals and society reap the benefits of “open data” initiatives – initiatives intended to make various types of data more freely ...

April 23, 2014, XIIth International CIFA Forum

March 28, 2014, Biobanking Global Congress 2014 Europe

January 22, 2014, Covington E-Alert

December 5, 2013, Global Investigations Summit

November 27, 2013, Covington E-Alert

November 2013, ITU Telecom World 2013 Conference, Bangkok

October 24, 2013, Covington E-Alert

September 11, 2013, 12th Annual Data Protection Compliance Conference

July 11, 2013, Inside Tech Media

By Dan Cooper and Oliver Grazebrook On 20 June 2103, the Court of Rome in Italy ruled that the Wikimedia Foundation (the charitable organisation that operates Wikipedia) could not be liable for defamatory content posted by users on its site.  The court deemed that Wikimedia fell within the exemptions in the Italian transposition of Articles...… Continue Reading

July 8, 2013, 2013 IViR Summer Course on Privacy Law and Policy

June 26, 2013

LONDON, 26 June, 2013 — The UK Information Commissioner's Office has authorised GlaxoSmithKline’s 'Binding Corporate Rules' (BCRs) – a set of internal policies and procedures used to protect personal data across GSK’s operations globally. The privacy and data security team at Covington & Burling was instrumental in the development, implementation and ...

June 25, 2013, SMi’s 3rd Annual Biobanking Conference

May 2013, International Data Privacy Law

April 2013, World Data Protection Report

March 13, 2013, Tackling Doping in Sport 2013

February 27, 2013, Data Protection & Privacy for In-House Advisers

February 15, 2013, Covington E-Alert

February 14, 2013, Covington E-Alert

January 11, 2013, Covington E-Alert

November 16, 2012, Data Protection in the Financial Services Sector 2012, DataGuidance

October 9, 2012, RSA Conference Europe 2012

March 27, 2012, Covington E-Alert

February 21, 2012, Thomson Reuters (Webinar)

February 2, 2012, International Association of Privacy Professionals (Webinar)

January 25, 2012, C5’s 5th Annual European Forum on Anti-Corruption - Effective Anti-Corruption Compliance Strategies to Prepare for Increased Regulatory Scrutiny and Global Enforcement, Munich

January 25, 2012, Covington E-Alert

October 18, 2011, European Privacy Association First International Conference in Europe on Cloud Computing for e-Health, Castelfranco Veneto, Italy

October 13, 2011, PDP 10th Annual Data Protection Compliance Conference

June 24, 2011, European Healthcare Compliance Ethics & Regulation

June 23, 2011, Council of American Survey Research Organizations (Webinar)

May 10, 2011

WASHINGTON, SAN FRANCISCO, BRUSSELS, AND LONDON, May 10, 2011 —Covington & Burling LLP is advising Microsoft Corp. in its acquisition of Skype Global S.à.r.l., the leading Internet communications company, for $8.5 billion in cash. Microsoft’s purchase of Skype from the investor group led by Silver Lake is expected to increase the accessibility of real-time ...

April 26, 2011, Innovation and Privacy Conference

April 5, 2011, Law Accord 2011 Program - Why Sports Law Matters

April 5, 2011, Law Accord 2011 Program - Why Sports Law Matters

March 10, 2011, Covington Advisory

February 15, 2011, EuroWatch

February 10, 2011, Covington Advisory

January 2011, World Data Protection Report

December 24, 2010, Covington Advisory

December 21, 2010, Covington Advisory

November/December 2010, Data Protection Ireland: Volume 3, Issue 6

November 9, 2010, Covington Advisory

June 15, 2010, Covington Advisory

March 29, 2010, Covington Advisory

February 25, 2010, Covington Advisory

February 9, 2010, Covington E-Alert

January/February 2010, The Privacy Advisor

January 26, 2010, 5th European Forum on Anti-Corruption

January 5, 2010, Covington Advisory

November 23, 2009, Covington Advisory

November 20, 2009, Covington Advisory

November 2009, 20th Pandemic Swine Flu Summit, Royal College of Surgeons, London

October 26, 2009, Covington Advisory

October 2, 2009, Covington Advisory

October 2009, The Privacy Advisor

October 2009, PDP 8th Annual Data Protection Compliance Conference

September 30, 2009, EuroWatch

September 22, 2009, Covington Advisory

September 2009, IAPP Privacy Conference, Boston

June 24, 2009, Covington E-Alert

6/09/2009

LONDON, June 9, 2009 — An enhanced version of the world’s first data protection standard for athletes took effect on June 1, 2009. The International Standard for the Protection of Privacy and Personal Information took effect on January 1, 2009, and an enhanced version was unanimously approved in early May 2009 by the Executive Committee of the World Anti-Doping ...

May 2009, European Commission, Madrid

April 2009, Society for Computers & Law Data Protection Group, London

March 2009, UC Berkeley School of Law, Security Breach Notification Symposium, California

March 2009, Medical Research and EU Data Privacy Law

February 2009, ABA Brown Bag Series (In-House Webinar)

January 2009, Computer, Privacy and Data Protection (CPDP) 2nd International Conference, Brussels

11/15/2008

LONDON, 15 November, 2008 — The latest editions of Chambers UK and Legal 500 UK have recognised the London office of Covington & Burling LLP in a combined 22 categories, praising the firm’s lawyers for “best-in-class business acumen” and “excellent industry knowledge” as well as “consistent, absolutely top-tier service.” The firm’s London office has also ...

November 2008, Business Crimes Bulletin

10/1/2008

WASHINGTON, DC, October 1, 2008 — Covington & Burling LLP today announced that 12 of its lawyers have been elected to the firm’s partnership. These new partners are resident in four of the firm’s offices and practice in the litigation, corporate/tax, and regulatory fields. Timothy Hester, chair of the firm’s management committee, commented: “These young and ...

August 14, 2008, The Lawyer

July 19, 2008, Covington E-Alert

July 2008, Privacy and Data Protection

June 2008, Privacy and Data Protection Journal

2008, Covington Report

November 15, 2007

LONDON, November 15, 2007 - Covington & Burling LLP is pleased to announce its role in advising Bank of China’s London Branch on the transfer of its UK retail and part of its UK corporate banking business (based in London, Birmingham, Manchester and Glasgow) to Bank of China (UK) Ltd. Bank of China (UK) Ltd is a newly established UK bank and a wholly-owned ...

July 16, 2007, Covington E-Alert

July 2007, PLC

April 3, 2007

WASHINGTON, DC, April 3, 2007 — Covington & Burling LLP has announced the promotion of four new Of Counsel and six new Special Counsel.The four new Of Counsel are Daniel P. Cooper, Christian Neira, Matthew J. O’Connor, and Kevin J. Shortill.Daniel P. Cooper advises on European privacy and data protection matters, as well as on contentious and non-contentious ...

September 2006, 5th Annual Data Protection Compliance Conference and Workshop Series, London

August 2006, Computer Law & Security Report

July 2006, Privacy Laws & Business 19th Annual International Conference on Data Protection, Cambridge University, UK

June 2006, Business Forums International

May 2006, Data Protection Law & Policy

January/February 2006, Avian Flu Summit, Royal College of Surgeons, London

November 2005, Data Protection Law & Policy

August 2005, Journal of Financial Crime

August 2005, Data Protection Law & Policy

July 2005, The Company Lawyer

July 2005, BNA International World Data Protection Report

July 2005, Data Protection Law & Policy

July 2005, World Data Protection Report

July 2005, Council of American Survey Research Organizations (CASRO) University Conference, New York

April 2005, The Company Lawyer

April 2005, Business Forums International - Amsterdam

February 2005, Regulatory Affairs Journal

January 2005, Covington Report

January 2005, BNA International World Data Protection Report

July 2004, Data Protection Law & Policy

July 2004, Privacy Laws & Business 17th Annual International Conference on Data Protection, Cambridge University, England

October 2003, Privacy International

July 2003, Privacy Laws & Business 16th Annual International Conference on Data Protection, Cambridge University, England

2003, Aspen Copyright Treatise

November 2002, United Nations Economic Commission for Europe, Moscow, Russia

September 1, 2002

September 2002, Privacy Laws & Business

July 24, 2002, Covington Report

May 2002, In Brief

September 2001, E-commerce Law & Policy

June 2001, United Nations Economic Commission for Europe, Geneva, Switzerland

1998, PLI