Eduardo Ustaran

Firm/Organization: Hogan Lovells

Blogs: Global Media and Communications Watch, HL Chronicle of Data Protection

Latest Articles

CJEU: Consent on the Internet Means ‘Opt-In’

October 3, 2019

On 1 October 2019, the Court of Justice of the European Union (CJEU) handed down a crucial decision impacting the way that consent is obtained on the internet. The judgment relates to Case C-673/17 (Planet49 – a previous post outlining the background can be found here). In the Planet49 case, the German Federal Court referred a number of questions to the CJEU regarding the validity of consent to cookies placed by a website operating…

HL Chronicle of Data Protection

CJEU: Consent on the Internet Means ‘Opt-In’

By Eduardo Ustaran & Katie McMullan

October 1, 2019

HL Chronicle of Data Protection

GDPR – The Work Ahead

By Eduardo Ustaran

May 9, 2019

The sky has not fallen. The Internet has not stopped working. The multi-million euro fines have not happened (yet). It was always going to be this way. A year has gone by since the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) became effective and the digital economy is still going and growing. The effect of the GDPR has been noticeable, but in a subtle sort of way. However, it would be hugely mistaken to…

Global Media and Communications Watch

The EDPB’s Narrow View of Contractual Necessity

By Eduardo Ustaran

April 23, 2019

The European Data Protection Board (EDPB) has adopted the narrowest possible interpretation of ‘contractual necessity’ as a ground for processing of personal data. The Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects (adopted on April 9, 2019 and open for consultation until May 24, 2019) provide a detailed assessment of the regulator’s interpretation of the law. Article 6(1)(b) sets…

HL Chronicle of Data Protection

The EDPB’s Narrow View of Contractual Necessity

By Eduardo Ustaran & Elizabeth Campion (Knowledge Paralegal)

April 16, 2019

Global Media and Communications Watch

EDPB Joins the Dots of ePrivacy and GDPR

By Eduardo Ustaran

March 26, 2019

On 12 March 2019 at its Eighth Plenary Session, the European Data Protection Board (“EDPB”) adopted its Opinion 5/2019 on the interplay between the ePrivacy Directive (“ePD”) and the General Data Protection Regulation (“GDPR”). The Belgian Data Protection Authority had, on 3 December 2018, requested that the EDPB examine the overlap between the two laws and in particular the competence, tasks, and powers of data protection authorities (“DPAs”). The EDPB adopted its Opinion in…

HL Chronicle of Data Protection

EDPB Joins the Dots of ePrivacy and GDPR

By Eduardo Ustaran & Elizabeth Campion (Knowledge Paralegal)

March 25, 2019

HL Chronicle of Data Protection

Brexit – A Data Protection Action Plan

By Eduardo Ustaran

January 18, 2019

“There is a cliff, whose high and bending head looks fearfully in the confined deep. Bring me but to the very brim of it” says the blinded Earl of Gloucester in Shakespeare’s King Lear, thinking that he is at the edge of the famous white cliffs of Dover. Right now, the whole of the UK appears to be on the same spot looking over a precipice. However, this is not the moment to be blind. As…

HL Chronicle of Data Protection

UK Government Aims for Data Protection Continuity Despite No Deal Brexit Prospect

By Eduardo Ustaran

December 13, 2018

Amid the constitutional and political uncertainties surrounding the Brexit process, the UK Government has provided welcome assurance on the data protection front. Guidance issued by the Department for Digital, Culture, Media & Sport (DCMS) confirms how UK data protection law will work in the event the UK leaves the EU without a deal. Whilst the Government still regards a No Deal Brexit as “unlikely”, given the extremely severe implications of that scenario for transfers of…

HL Chronicle of Data Protection

EDPB’s Common Sense Approach to the GDPR’s Territorial Scope

By Eduardo Ustaran

December 3, 2018

The EU General Data Protection Regulation is now a fully functioning six-month old creature, which has brought with it significant evolutionary changes. One of the most notable innovations of the new European data protection framework is its ambitious extra-territorial application. The introduction of brand new grounds for the applicability of the law was a major development. As a result, and as essential as this is, the GDPR’s territorial scope of application has become one of…

Eduardo Ustaran

CJEU: Consent on the Internet Means ‘Opt-In’

CJEU: Consent on the Internet Means ‘Opt-In’

GDPR – The Work Ahead

The EDPB’s Narrow View of Contractual Necessity

The EDPB’s Narrow View of Contractual Necessity

EDPB Joins the Dots of ePrivacy and GDPR

EDPB Joins the Dots of ePrivacy and GDPR

Brexit – A Data Protection Action Plan

UK Government Aims for Data Protection Continuity Despite No Deal Brexit Prospect

EDPB’s Common Sense Approach to the GDPR’s Territorial Scope

Stay Connected

Company

Support

New to the Network