Photo of Diletta De Cicco

Diletta De Cicco

The Cybersecurity Law Report recently featured a guest article from CPW’s Diletta De Cicco and Charles Helleputte. The article sorts out the key aspects of the latest EU FAQs, offers interpretation insights around some more ambiguous provisions, and provides practical thoughts in areas where the FAQs are silent. Check out the full article (subscription

On October 20, 2022, the French data protection authority (the CNIL) announced a €20 million fine against Clearview AI Inc. (Clearview) for its processing of facial images of individuals residing in France. This is the fourth fine Clearview has received (so far) in Europe. It wraps up the investigation dating back to 2020, when the CNIL started the procedure based on multiple complaints from individuals and activist groups.
Continue Reading When AI-powered Tools Bring (EU) Privacy Troubles – Biometric Templates Identify First

Background

On October 7, 2022, US President Joe Biden signed the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (the Executive Order), introducing new safeguards to protect the personal data shared between the EU and the US.

The Executive Order is the first tangible step towards a new transatlantic framework for personal data transfers, following the March 25, 2022, joint announcement by the European Commission president, Ursula von der Leyen, and US President Biden that they had reached an agreement in principle on a successor to the Privacy Shield.

While details of the actual content leaked over time, here is a summary of what the Executive Order is providing, but, more importantly, what the signature of the order means, not only for those who will be able to certify to the revised Privacy Shield, but also for all others.
Continue Reading We Have an EO, but Not (Yet) a New Transfer Mechanism