On December 21, 2021, the European Commission announced that it had adopted its adequacy decision on the Republic of Korea. The adequacy decision allows for the free flow of personal data between the EU and Korea, without any further need for authorization or additional transfer tool. The adequacy decision also covers transfers of personal data between public authorities.
Continue Reading European Commission Adopts South Korea Adequacy Decision

The Centre for Information Policy Leadership at Hunton Andrews Kurth recently published a white paper on “Bridging the DMA and the GDPR – Comments by the Centre for Information Policy Leadership on the Data Protection Implications of the Draft Digital Markets Act.” This blog entry provides highlights on the paper.
Continue Reading CIPL Publishes White Paper on the Interplay Between the Draft EU Digital Markets Act and the GDPR

On November 19, 2021, the European Data Protection Board published its draft Guidelines 05/2021 on the interplay between the application of Article 3 of the GDPR, which sets forth the GDPR’s territorial scope, and the GDPR’s provisions on international data transfers.
Continue Reading The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR

On November 18, 2021, the European Data Protection Board released a statement on the Digital Services Package and Data Strategy. The Digital Services Package and Data Strategy is composed of several legislative proposals that aim to facilitate the further use and sharing of personal data between more public and private parties; support the use of specific technologies, such as Big Data and artificial intelligence; and regulate online platforms and gatekeepers.
Continue Reading EDPB Releases Statement on the Digital Services Package and Data Strategy; Calls for Ban on Targeted Ads

The Centre for Information Policy Leadership at Hunton Andrews Kurth published a paper on the Draft ePrivacy Regulation, in the context of the Trilogue Discussions between the EU Commission, EU Council and EU Parliament.
Continue Reading CIPL Publishes Paper on the Draft ePrivacy Regulation to Inform Current Trilogue Discussions

The Irish Data Protection Commissioner has submitted a draft decision on Facebook Ireland Limited’s data protection compliance to other European regulators under the cooperation mechanism of the EU General Data Protection Regulation. The DPC proposed a fine for infringements of the transparency obligations under the GDPR, specifically with respect to the legal basis upon which Facebook relied.
Continue Reading Irish DPC Draft Decision Permits Facebook to Rely on Contractual Necessity for Behavioral Advertising