On January 10, 2017, less than nine months after the General Data Protection Regulation (GDPR) was adopted by the European Union, the European Commission issued its proposal for a new ePrivacy Regulation. In analyzing this new proposal, this article first places European Union ePrivacy...

EU Data Protection Agencies have been vigorously enforcing violations of regional and national data protection law in recent years against U.S. tech companies but few changes have been made to their business model of exchanging free services for personal data. With the Cambridge Analytica...

Prior to the application of the EU General Data Protection Regulation (GDPR), one of the results of the relatively-low-level of legislatively permitted data protection violation administrative fines was, arguably, a lack of compliance by U.S. Tech Giants, among others. At least on paper, this...

This chapter introduces European Union's 2014 Non-Financial Reporting Directive (NFR Directive), considered a first step in the field of mandatory sustainability reporting, prior to analyzing the need for it to be improved. The author begins by setting out the historical context, both on the...

The new EU General Data Protection Regulation (GDPR) establishes requirements (and certain incentives) for internal compliance mechanisms that do not exist in current legislation. These requirements, which will have an impact on internal processes and staffing of firms, such as the requirement...

This review of (and discussion around) Valérie-Laure Benabou and Judith Rochfeld's as yet untranslated book, A qui profite le clic? Le partage de la valeur à l'ère du numérique, begins by briefly tracing the development of the Internet from disintermediation to today's situation where new...

This article gives a comparative view of two main pieces of data privacy legislation from, respectively, California and the EU: the CCPA and the GDPR. While there are similarities between the two, there are differences, as well, providing challenges for compliance. For example, both instruments...

This study, which focuses on the commercial use of personal data by U.S. airlines, uses actual cases to help analyze the application of the EU General Data Protection Regulation (GDPR) to the airline industry. It is one of the first studies to do so, and as such contributes to the literature. It...