On November 23, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the European Data Protection Board consultation on draft guidelines on relevant and reasoned objections under the General Data Protection Regulation cooperation and consistency mechanisms. This posts provides an overview of the EDPB’s guidelines and highlights CIPL’s response.
Continue Reading CIPL Submits Response to the EDPB Guidelines 09/2020 on Relevant and Reasoned Objections under the GDPR

Lexology’s Getting the Deal Through releases its 2021 guide on Data Protection and Privacy. Hunton’s privacy and cybersecurity team members serve as contributing editors of the guide and have authored multiple chapters, including on Belgium, the UK and United States. This blog entry provides a link to download the guide.
Continue Reading Hunton Privacy Team Contributes to 2021 Getting the Deal Through Guide on Data Protection and Privacy

On December 24, 2020, the European Union and the United Kingdom reached an agreement in principle on the historic EU-UK Trade and Cooperation Agreement. For data protection purposes, there is a further transition period of up to six months to enable the European Commission to complete its adequacy assessment of the UK’s data protection laws. For the time being, personal data can continue to be exported from the EU to the UK without implementing additional safeguards.
Continue Reading EU-UK Trade Deal: What It Means For Post-Brexit Data Flows

On December 9, 2020, the Senate Committee on Commerce, Science and Transportation held a hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows. This post reviews the key topics, witnesses and views expressed during the hearing.
Continue Reading Senate Commerce Committee Holds Hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows

On December 15, 2020, the Irish Data Protection Commission announced its fine of 450,000 Euros against Twitter International Company, following its investigation into a breach resulting from a bug in Twitter’s design. The fine is the largest issued by the Irish DPC under the GDPR to date and is also its first against a U.S.-based organization.
Continue Reading Irish DPA Issues €450,000 Fine Against Twitter for Data Breach Following EDPB Decision under the GDPR Consistency Mechanism

On December 10, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the European Commission’s invitation for comments on its draft implementing decision on SCCs to be used for the transfer of personal data from a controller or processor subject to the GDPR to a controller or processor not subject to the GDPR.
Continue Reading CIPL Submits Response to European Commission’s Standard Contractual Clauses for the Transfer of Personal Data to Third Countries Pursuant to the GDPR

On December 10, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the European Commission’s invitation for comments on its draft implementing decision on standard contractual clauses between controllers and processors for purposes of Article 28 of the GDPR.
Continue Reading CIPL Submits Response to European Commission’s Article 28 Standard Contractual Clauses