ILF CONFERENCE IN MILAN – PRESENTATION - TAKEAWAYS FROM FIRST GDPR PENALTIES

15 May 2019

This May we participated in the European Conference of International Law Firms in Milan, where our managing partner Richard Schmidt held a presentation to members of ILF on recent developments of European Data Protection Law. The presentation focused on the lessons learnt from the first GDPR fines imposed by the national data protection authorities of various European jurisdictions in the 1st year of GDPR.

Our office is member of International Law Firms (ILF), a network of 70+ medium-sized independent law firms around the world. The members of ILF gather each year to hold conference on worldwide and regional level, in order to exchange experience, share knowledge and deepen interpersonal relations between lawyers.

This year the European regional conference was held between 10-11 May 2019 in Milan, which is not only the capital of fashion, but the business centre of Italy, as well. The conference was hosted by our esteemed member, Italy, Avv. Veronica Donella, partner of Studio Legale Donella. The popularity of the conference is shown by the fact that  delegates of more than 25 law firms participated the event, even from non-European countries, like USA,  China (Hong Kong) and Indonesia.

Our law firm was represented by managing partner Richard Schmidt, who held a presentation to the members of ILF on the recent developments of European data protection law.

Given that the European General Data Protection Regulation (GDPR) celebrates soon its 1st birthday, Richard’s presentation was focusing on  the application of GDPR in the EU member states, in order to address the issue, whether there is a divergence or convergence between the national data protection authorities of the European countries.

Richard started the presentation with the sanction system of the GDPR, by shortly summarizing the non-pecuniary and pecuniary sanctions of the regulation.

Then Richard analysed the application of the sanctions through case studies brought from different European jurisdictions. Starting with the famous Google decision from France, he continued with the Portuguese hospital case, and with the case of Bisnode in Poland. The case study section of the presentation was closed with taxi company case from Denmark, and with the “Rousseau Platform” case from Italy.

As a synthesis, Richard analysed, how the various aggravating and mitigating factors influencing the severity of sanctions applied work in practice, in the light of the above mentioned national decisions, by emphasizing that the vast majority of open issues will be solved only years later, when the European Court of Justice will deliver judgment in the framework of preliminary ruling procedures, interpreting the disputed provisions of the GDPR.

The presentation was closed by a questions and answers section, in the framework of which interesting questions were discussed by the participants, like extra-EU enforcement of GDPR fines, legitimate interest tests in practice, etc.

We would like to express our highest level of gratitude and appreciation for the organisers to host such a great regional conference in Milan!