Who are our clients?
Eden Legal provides an experienced, modern, prevention-based, solution-focussed service to avoid, progress and solve commercial and regulatory issues affecting digital businesses.
Managing and minimizing risk
Being in business means you take risks. But risks can be managed and even eliminated by good planning and early involvement of your legal advisor. Eden Legal can help with this.
Protecting and growing what you create
For many digital businesses innovations, branding, trade secrets and copyrights are the main assets you have. Eden Legal can help safeguard them.
Are crypto wallet addresses personal data?
Never assume. They can easily be…
EU International Data Transfers - new 2021 Standard Contractual Clauses
The European Commission has issued a new set of standard contractual clauses (“SCCs”) to address new requirements under the GDPR, changes in the digital economy, but most importantly the European Court’s judgment in Schrems II requiring supplementary measures for some exports. The new SCCs are comprehensive and fill some gaps; but they require data importers and exporters to invest significantly in documenting how they will overcome local government surveillance laws.
Adtech Regulation under the EU’s draft Digital Services Act
A lot has been made of the liability and transparency provisions of the EU’s proposed Digital Services Act.
However, there are also a few advertising-specific obligations (proposed to be) coming for online platforms that deserve a closer look.
"Due diligence" obligations for EU online platforms
The quickest-possible look at the EU’s draft Digital Services Act and proposed new obligations for intermediaries and online platforms.
Eden Legal will return with additional posts on: (1) liability for illegal content; and (2) specific adtech-related obligations, under the proposed Regulation.
#Lawinagraphic – minimum wordiness, maximum user-friendliness.
How will Artificial Intelligence Systems be regulated in the EU?
The European Commission has put forward a proposed Regulation on a European Approach for Artificial Intelligence, also known as the “Artificial Intelligence Act”. It’s a proposal and before entering into application faces a likely lengthy path through the EU institutions which seems bound to produce a hefty amount of debate and amendments.
2021 will be the Year of Smart Contracts
Smart contracts are here. Eden Legal’s very initial, very personal thoughts on them.
GDPR EU/UK Representative - do we need one?
Everything you need to know about appointing an EU and/or UK representative as required by the GDPR.
Update 14 February 2021: under the EU Council’s agreed position on the future E-Privacy Regulation, providers of electronic communications services, providers of publicly available directories, senders of direct marketing over electronic communications services, and anyone using processing and storage capabilities or collecting information processed by or emitted by or stored in the end-users’ terminal equipment (i.e. adtech!) will also be required to appoint a representative in the EU and communicate it to the relevant national supervisory authority.
GDPR and Brexit - take us to the bridge
The EU-UK Trade and Cooperation Agreement has avoided major changes to personal data flows between the EEA and UK at least until 30 April 2021. However, if we process data of individuals in both the EEA and the UK, then we face the prospect of complying with two similar but distinct regulatory regimes.
The ICO fines Marriott and BA for GDPR Breaches - 10 Takeaways
If you’re handling personal data subject to EU (and/or UK) laws then you would do well to read the UK Information Commissioner’s (“ICO”) decisions to fine Marriott and BA for failures to have in place appropriate cyber-security measures. And this post for 10 more easily digestible takeaways.
EU Court invalidates Privacy Shield - what to do?
The Court of Justice of the EU has struck down the EU Commission’s EU-U.S. Privacy Shield Framework decision, but in principle left in place the EU Commission’s Standard Contractual Clauses, which organisations can sign in order to impose EU-style data protection obligations on non-EU data importers. For now, where we used to rely the Privacy Shield framework, the pragmatic approach may be to sign SCCs – but the story won’t end there.