Kristof Van Quathem

January 16, 2020, Inside Privacy

On January 14, 2020, the French Supervisory Authority (“CNIL”) published a new draft guidance on the use of cookies and similar technologies on websites and applications (see here, in French).  The draft guidance is open for public consultation until February 25, 2020. In its nine articles, the guidance sets out how to properly inform users...… Continue Reading

January 10, 2020, Inside Privacy

In late December 2019, the Court of The Hague (Netherlands) published a preliminary reference procedure (see here, in Dutch).  The Court was asked to decide on the scope of the right of access under the GDPR. The defendant in this case was a bailiff involved in the bankruptcy procedure.  The individual who was target of...… Continue Reading

January 1, 2020, Inside Privacy

On December 17, 2019, the Belgian Supervisory Authority (“SA”) imposed a fine of € 15,000 on an SME operating a legal information website that welcomes approximately 35,000 unique visitors a month.  Interestingly, in the apparent absence of any actual complaints submitted to the SA, it carried out this enforcement action on its own initiative. In...… Continue ...

December 20, 2019, Inside Privacy

On December 19, 2019, Advocate General (“AG”) Henrik Saugmandsgaard Øe handed down his Opinion in Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”). The AG’s Opinion provides non-binding guidance to the Court of Justice of the EU (“CJEU”) on how to decide the case. In brief, the AG recommended that...… Continue ...

December 20, 2019, Covington Alert

On December 19, 2019, Advocate General (“AG”) Henrik Saugmandsgaard Øe handed down his Opinion in Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”). The AG’s Opinion provides non-binding guidance to the Court of Justice of the EU (“CJEU”) on how to decide the case.

December 13, 2019, Inside Privacy

On December 11, 2019, the European Data Protection Board (“EDPB”) published the final text of the standard clauses adopted by the Danish Supervisory Authority (Datatilsynet, hereafter “Danish SA”) pursuant to Article 28(8) of the General Data Protection Regulation (“GDPR”).  The Danish clauses are now accessible on the EDPB’s register of decisions taken by ...

December 11, 2019, Inside Privacy

On December 2, 2019, the German Supervisory Authorities issued a report evaluating the implementation of the EU General Data Protection Regulation (“GDPR”) in Germany.  The report describes the Supervisory Authorities’ experience thus far in applying the GDPR and lists the provisions of the GDPR they see as problematic in practice.  For each of these ...

December 3, 2019, Inside Privacy

In two recent landmark decisions issued on November 6, 2019, the German Constitutional Court (“BVerfG”) presented its unique perspective on the “right to be forgotten” and announced that it will assume a greater role in safeguarding German residents’ fundamental rights from now on. Case 1 (1 BvR 16/13) The first case concerned a person who...… Continue Reading

November 29, 2019, Inside Privacy

The Advocate General’s (“AG”) Opinion in Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”), has been delayed until the 19th December 2019.  (The original publication date was set for the week before, on the 12th December.) The primary question before the European Court of Justice (“ECJ”), and the AG, in ...

November 20, 2019, Inside Privacy

On November 14, 2019, the EDPB adopted a final version of Guidelines 3/2018 on the territorial scope of the GDPR (Art. 3). This takes into account the contributions and feedback that the EDPB received during a public consultation on a draft version of the guidelines (see here). The draft version of the guidelines raised many...… Continue Reading

November 18, 2019, Inside Privacy

On November 15, 2019, the French Supervisory Authority (“CNIL”) published guidance on the use of facial recognition. The guidance is primarily directed at public authorities in France that want to experiment with facial recognition. The guidance warns that this technology risks leading to biased results because the algorithms used are not 100% reliable and ...

November 7, 2019, Inside EU Life Sciences

On November 5, 2019, the European Commission published a report entitled “Strengthening Strategic Value Chains for a future-ready EU Industry”, which was prepared by the Strategic Forum on Important Projects of Common European Interest (“Forum”). The Forum assists the European Commission in identifying key strategic value chains that can contribute to Europe’s ...

October 9, 2019, Law360

Kristof Van Quathem is quoted in Law360 regarding a European Court of Justice’s decision to increase web cookie consent measures. Mr. Van Quathem says, “It’s unfortunate that the court didn’t address that point because it’s commercially and politically a very sensitive topic, on which there is a lot of uncertainty right now, and it’s a question that could have ...

July 17, 2019, Covington Alert

On July 9, 2019, the European Court of Justice (“ECJ”) heard oral argument in Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”). The primary question before the ECJ is whether the European Commission’s standard contractual clauses (“SCCs”) are valid for transfers of personal data to the United States.1 Given ...

July 9, 2019

BRUSSELS—Today, a team of Covington lawyers argued before the European Court of Justice in a landmark data protection case, Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”). The case has significant ramifications for any organization that relies on the standard contractual clauses (“SCCs”) to transfer personal ...

June 2019, Pharmind

February 18, 2019, Inside EU Life Sciences

As with anything personalized, be it advertising, medicines or training schedules, also personalized nutrition — using information on individual characteristics to develop targeted nutritional advice, products, or services — risks being affected by the feared GDPR.  Kristof Van Quathem discusses the topic in Vitafoods’ Insights magazine of January 2019, ...

February 12, 2019, Inside EU Life Sciences

The European Data Protection Board (“Board”) released an opinion on January 23, 2019, on the intersection between the EU General Data Protection Regulation (“GDPR”) and the Clinical Trials Regulation (“CTR”).  The opinion considers a Q&A on this topic prepared by the European Commission’s Directorate General for Health.  The Directorate General decided to create ...

January 22, 2019, Covington Alert

On January 21, 2019, the French Supervisory Authority for data protection (“CNIL”) issued a fine of €50 million against Google for violations of the General Data Protection Regulation (“GDPR”) (the decision was published in French here).

October 22, 2018, Inside EU Life Sciences

On October 22, 2018, the European Federation of Pharmaceutical Industries in cooperation with the Future of Privacy Forum and the Center for Information Policy Leadership organized a workshop entitled “Can GDPR Work for Health Research.”  In the first session, the workshop discussed the implications of the General Data Protection Regulation (“GDPR”) on clinical ...

June 14, 2018, Financial Times

Kristof Van Quathem participated in a Financial Times podcast to discuss the impact of the General Data Protection Regulation on medical research and health technology companies. According to Van Quathem, "One of the main concerns I think that we see in the research circle is the uncertainty that is being created by the GDPR, and in particular, when it comes to ...

April 18, 2018, Thomson Reuters Regulatory Intelligence

January 22, 2018

WASHINGTON—Covington advised Bacardi Limited in its definitive agreement to acquire Patrón Spirits International AG and its PATRÓN® brand, the world’s top-selling ultra-premium tequila, from John Paul DeJoria, a founder of Patrón. The transaction reflects an enterprise value for Patrón of $5.1 billion. The transaction follows the successful relationship the ...

January 1, 2018, Law360

Kristof Van Quathem and Yan Luo are quoted in a Law360 article regarding cybersecurity and privacy policies to watch in 2018. Commenting on the General Data Protection Regulation (GDPR), Van Quathem says that although one of the legislation's aims is to harmonize a splintered set of national data privacy laws within Europe, it may end up causing companies aiming ...

November 28, 2017, IoT Data & AI Summit

April 26, 2017, Inside EU Life Sciences

The EU pharmaceutical industry landscape is in significant flux. There are many pressures to provide new therapies and to make them available more early and for as many qualifying patients as possible. In that context, the industry model and the role of exclusivity rights as a tool to stimulate innovation are being discussed. At the...… Continue Reading

February 15, 2017, Webinar

February 18, 2016, Covington Alert

December 21, 2015, Covington Alert

On December 15, the EU institutions finally agreed the text of the new EU data protection law, the General Data Protection Regulation (“GDPR”), completing a process that began in January 2012. The LIBE committee has published the consolidated version of the GDPR text. The GDPR heralds a new era of data protection. It replaces the existing data protection ...

October 6, 2015, InsidePrivacy Blog

October 3, 2015, C5 Conference Brussels

October 1, 2015, InsidePrivacy Blog

April 24, 2014, Inside EU Life Sciences

This post was originally published on our sister blog Inside Privacy On April 10, 2014, the Article 29 Working Party adopted an Opinion on anonymization techniques.  The Working Party accepts that anonymization techniques can help individuals and society reap the benefits of “open data” initiatives – initiatives intended to make various types of data more freely ...

2014, Data Protection & Privacy – Jurisdictional Comparisons

2014, EU Law and Life Sciences

2013, World Sports Law Report

2011, The European Lawyer

2009, Privacy & Informatie

2009, Privacy & Data Protection

2008, Copyright World

2008, World Data Protection Report

2006, World Data Protection Report

2006, World Data Protection Report

2006, Privacy Laws & Business

2005, Privacy & Informatie

1998, European Parliament