Global Legal Developments related to Cybersecurity Incidents, Cyber Corporate Governance and Regulation Issues, and Privacy and Data Protection Laws
On January 17, 2023, the European Data Protection Board (“EDPB”) Cookie Banner Taskforce adopted a report which provides useful guidance on cookie banners. The EDPB’s report is available here.…
Continue Reading Key Takeaways from the EDPB’s Cookie Banner Taskforce Report
On December 13, 2022, the European Commission (“Commission”) formally launched the process to adopt an adequacy decision for the EU – U.S. Data Privacy Framework and proposed a draft adequacy decision concerning personal data transfers to the U.S. (available here).…
Continue Reading The Draft Adequacy Decision on the EU-US Data Privacy Framework
The Information Commissioner’s Office (“ICO”) has opened a consultation on new draft guidance on monitoring at work (the “Draft Guidance”). The Draft Guidance applies in both the private and public sectors in respect of any worker, a term which is used to include employees as well as non-employee workers, independent contractors and volunteers.
Continue Reading UK ICO Issues Draft Guidance on Monitoring at Work
Today, after over two years of detailed negotiations, President Joe Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (the “Order”) outlining steps the U.S. will take to implement its commitments under the European Union-U.S. Data Privacy Framework, originally announced by President Biden and European Commission President Ursula von der Leyen in March of 2022 (as previously discussed here).[1]…
Continue Reading President Biden Signs Executive Order on New EU-US Data Privacy Framework
On May 3, 2022, the European Commission published its proposal for a regulation on the “European Health Data Space”.
The EHDS is a talismanic European healthtech initiative that could revolutionize access to a deeper pool of EU-wide health data and unlock significant tech, AI and data analytics innovation. As a core part of the Commission’s…
After nearly two years of detailed negotiations, on March 25, 2022, U.S. President Joe Biden and European Commission President Ursula von der Leyen announced an “agreement in principle” on a new Trans-Atlantic Data Privacy Framework (the “Framework”) to re-establish an important legal mechanism to effectuate cross-border transfers of personal data from the EU to the U.S. The Framework is hoped to address concerns raised by the decision of the Court of Justice of the European Union (the “CJEU”) in Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (2020) (“Schrems II”).
Continue Reading Schrems III? The European Commission and U.S. Government Announce New Trans-Atlantic Data Privacy Framework
For those following data privacy and consumer data protection trends, it should come as no surprise that enacting comprehensive legislation to regulate companies’ use of personal data has continued to be a focal point both internationally and in the U.S., at the federal, state and local levels. …
Continue Reading Navigating the Complex Regulation of Privacy and Data Protection
On 10 November 2021, the Supreme Court of the United Kingdom handed down its much-awaited judgment in the case of Lloyd v Google LLC [2021] UKSC 50. The Supreme Court unanimously ruled that the claim, which is a representative action alleging breaches of the Data Protection Act 1998 (“DPA 1998”), could not proceed.
The Supreme…
The past few years have brought monumental changes to how we handle international data transfers from the EU. Schrems I, GDPR, Schrems II, Brexit and now the new Standard Contractual Clauses, published in June, 2021.
Here we share our views on improvements and challenges this modernised version of the SCCs has brought and how it…
Main Takeaways
Recommendations 01/2020 of the European Data Protection Board (the “EDPB”) on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data (the “Recommendations”)[1] attempt to provide a step-by-step roadmap to help EU data exporters transfer personal data outside the EU to third countries in a manner consistent with the judgment of the Court of Justice of the European Union (the “CJEU”) handed down on July 16, 2020, in Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems (“Schrems II”, further described in Section 1 below).[2] The Recommendations were published on November 11, 2020 and can be relied upon immediately, even though they are subject to public consultation, with comments being due prior to December 21, 2020.
Continue Reading Recommendations of the EDPB Further to the CJEU’s Schrems II Judgment: One Step Forward, Two Steps Back?
WE VALUE YOUR PRIVACY
This site uses cookies and full details are set out in our Cookie Policy. Essential Cookies are always on; to accept Analytics Cookies, click "I agree to all cookies."
