On May 16, 2023, the French Data Protection Authority announced its action plan on artificial intelligence.
Continue Reading CNIL Publishes Action Plan on AI
European Union
European Parliament Adopts EU-U.S. Data Privacy Framework Resolution
On May 11, 2023, at a plenary session, the European Parliament voted to adopt a resolution on the adequacy of the protection afforded by the EU-U.S. Data Privacy Framework which calls on the European Commission to continue negotiations with its U.S. counterparts with the aim of creating a mechanism that would ensure equivalence and provide the adequate level of protection required by EU data protection law. …
Continue Reading European Parliament Adopts EU-U.S. Data Privacy Framework Resolution
CJEU Determines that a Mere Infringement of the GDPR is not Sufficient to Require Compensation
On May 4, 2023, the Court of Justice of the European Union issued a judgment in the Österreichische Post case. …
Continue Reading CJEU Determines that a Mere Infringement of the GDPR is not Sufficient to Require Compensation
EDPB Initiates Procedure for Electing a New Chair
On April 26, 2023, the European Data Protection Board (“EDPB”) initiated the procedure for electing a new Chair and Deputy Chair to replace Andrea Jelinek and Ventsislav Karadjov, whose mandates will end on May 25, 2023.
Continue Reading EDPB Initiates Procedure for Electing a New Chair
CNIL issues €125,000 Fine Against E-Scooter Rental Company
On March 28, 2023, the French Data Protection Authority announced a €125,000 fine on the e-scooter rental company Cityscoot for breaching EU and French data protection rules, in particular in the context of geolocation and use of Google reCAPTCHA. …
Continue Reading CNIL issues €125,000 Fine Against E-Scooter Rental Company
International Data Transfers: Time to Rethink Binding Corporate Rules
This is an excerpt from CIPL President Bojana Bellamy’s recently published piece in the IAPP “Privacy Perspectives” blog. This piece discusses binding corporate rules as important transfer mechanism.
Continue Reading International Data Transfers: Time to Rethink Binding Corporate Rules
UK Introduces Data Protection and Digital Information (No. 2) Bill
On March 8, 2023, the UK Secretary of State for Science, Innovation and Technology, Michelle Donelan, introduced the Data Protection and Digital Information (No. 2) Bill to UK Parliament.
Continue Reading UK Introduces Data Protection and Digital Information (No. 2) Bill
EDPB issues Its Opinion on the EU-U.S. Data Privacy Framework
On February 28, 2023, the European Data Protection Board issued its Opinion 5/2023 on the European Commission Draft Implementing Decision on the adequate protection of personal data under the EU-U.S. Data Privacy Framework. …
Continue Reading EDPB issues Its Opinion on the EU-U.S. Data Privacy Framework
EDPB Adopts Three Sets of Guidelines in Final Form
On February 24, 2023, following public consultation, the European Data Protection Board published the following three sets of adopted guidelines. …
Continue Reading EDPB Adopts Three Sets of Guidelines in Final Form
European Parliament Committee Opposes Adequacy Under EU-U.S. Data Privacy Framework in Draft Opinion
On February 14, 2023, in a Draft Motion for a Resolution on the adequacy of the protection afforded by the proposed EU-U.S. Data Privacy Framework, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs urged the European Commission not to adopt the Framework, on the basis that it “fails to create actual equivalence” with the EU in the level of data protection that it provides. …
Continue Reading European Parliament Committee Opposes Adequacy Under EU-U.S. Data Privacy Framework in Draft Opinion