This is an excerpt from CIPL President Bojana Bellamy’s recently published piece in the IAPP “Privacy Perspectives” blog. This piece discusses binding corporate rules as important transfer mechanism.
Continue Reading International Data Transfers: Time to Rethink Binding Corporate Rules
European Union
UK Introduces Data Protection and Digital Information (No. 2) Bill
On March 8, 2023, the UK Secretary of State for Science, Innovation and Technology, Michelle Donelan, introduced the Data Protection and Digital Information (No. 2) Bill to UK Parliament.
Continue Reading UK Introduces Data Protection and Digital Information (No. 2) Bill
EDPB issues its Opinion on the EU-U.S. Data Privacy Framework
On February 28, 2023, the European Data Protection Board issued its Opinion 5/2023 on the European Commission Draft Implementing Decision on the adequate protection of personal data under the EU-U.S. Data Privacy Framework. …
Continue Reading EDPB issues its Opinion on the EU-U.S. Data Privacy Framework
EDPB Adopts Three Sets of Guidelines in Final Form
On February 24, 2023, following public consultation, the European Data Protection Board published the following three sets of adopted guidelines. …
Continue Reading EDPB Adopts Three Sets of Guidelines in Final Form
European Parliament Committee Opposes Adequacy Under EU-U.S. Data Privacy Framework in Draft Opinion
On February 14, 2023, in a Draft Motion for a Resolution on the adequacy of the protection afforded by the proposed EU-U.S. Data Privacy Framework, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs urged the European Commission not to adopt the Framework, on the basis that it “fails to create actual equivalence” with the EU in the level of data protection that it provides. …
Continue Reading European Parliament Committee Opposes Adequacy Under EU-U.S. Data Privacy Framework in Draft Opinion
CJEU Clarifies Rules on Conflict of Interest in Relation to DPO Role
On February 9, 2023, the Court of Justice of the European Union issued a judgment in the X-FAB Dresden case. …
Continue Reading CJEU Clarifies Rules on Conflict of Interest in Relation to DPO Role
EDPB Publishes Report of Outcome of the Cookie Banner Taskforce
On January 18, 2023, the European Data Protection Board published its Report on the work undertaken by the Cookie Banner Taskforce. …
Continue Reading EDPB Publishes Report of Outcome of the Cookie Banner Taskforce
CNIL Fines TikTok 5 Million Euros Over Cookie Infringements
On January 12, 2023, the French Data Protection Authority announced that it imposed a €5,000,000 fine on social network TikTok at the end of 2022 for violations of applicable cookies rules.
Continue Reading CNIL Fines TikTok 5 Million Euros Over Cookie Infringements
Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context
On January 4, 2023, the Irish Data Protection Commission announced the conclusion of two inquiries into the data processing practices of Meta Platforms, Inc. on the Instagram and Facebook platforms. …
Continue Reading Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context
New Cybersecurity Directives (NIS2 and CER) Enter into Force
On January 16, 2023, the Directive on measures for a high common level of cybersecurity across the Union and the Directive on the resilience of critical entities entered into force.
Continue Reading New Cybersecurity Directives (NIS2 and CER) Enter into Force