Philipp Roos

Oct 24, 2024 | lexology.com | Rachael Annear |Zofia Aszendorf |Richard Bird |Georgina Bayly |Beth George |Adam Gillert | +28 more

2025 DATA LAW TRENDS Leading the change Contents 01 AI governance takes center stage 02 International data transfers are under the spotlight 03 A new wave of cyber threats is here 04 New global regulations are changing our digital operations 05 Tougher enforcement is reshaping data and privacy compliance 06 US state consumer privacy laws are expanding 07 Asia's privacy laws are maturing 08 New EU data access regulations are shaping the future 2 Executive summary The 2025 Data Law Trends...

Oct 24, 2023 | lexology.com | Philipp Roos |Christoph Werkmeister |Vinita Kailasanath

The EU Commission’s proposal in May, 2022 for a regulation to create a European Health Data Space (EHDS) sparked significant discussions in the health sector and beyond. In particular, the parts of the proposal addressing the use of data for so-called secondary purposes and the associated data privacy implications raised concerns.

Jun 22, 2023 | lexology.com | Christoph Werkmeister |Philipp Roos |Rachael Annear |Mark Egeler |Satya Staes Polet |Gernot Fritz | +1 more

The European Data Protection Board (EDPB) published the final version of its Guidelines on the calculation of fines under the EU’s General Data Protection Regulation (GDPR) on 7 June 2023. The Guidelines aim to further harmonise fining practices across the EU and were adopted by the EDPB following a public consultation launched in 2022 on a draft version.

Jun 9, 2023 | lexology.com | Adam Gillert |Philipp Roos |Jérôme Philippe |Thomas Retière |Laéna Bouafy

Since the EU’s GDPR entered into force, organisations have increasingly received data subject access requests (Article 15 GDPR). In principle, according to Article 15 GDPR, a data subject may require a data controller to provide a confirmation of whether their personal data is processed.

May 12, 2023 | lexology.com | Philipp Roos |Christoph Werkmeister

Since the landmark Schrems II decision of the Court of Justice of the European Union (CJEU) in summer 2020, transfers of personal data from the European Economic Area (EEA) to the US have become more challenging. Following Schrems II, a proposed EU-US Data Privacy Framework (EU-US DPF) was painstakingly negotiated between the European Commission and the US government with the aim of simplifying transatlantic transfers of personal data.