On June 21, 2021, the European Data Protection Board published the final version of its recommendations on supplementary measures in the context of international transfer safeguards, such as Standard Contractual Clauses.
Continue Reading EDPB Releases Final Recommendations on Supplementary Measures for International Transfers

On June 9, 2021, President Biden signed an Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries, which elaborates on measures to address the national emergency regarding the information technology supply chain declared in 2019 by the Trump administration in Executive Order 13873.
Continue Reading White House Issues Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries

On May 25, 2021, the Grand Chamber of the European Court of Human Rights handed down its judgement in the case of Big Brother Watch and Others v. the United Kingdom, determining that the former surveillance regime in the UK violated Article 8 of the European Convention on Human Rights (i.e., the right to respect for private and family life).
Continue Reading European Court of Human Rights Says Bulk Interception Is Not a Violation of Human Rights

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has submitted its response to the Standing Committee of the National People’s Congress of the People’s Republic of China on the updated version of the Draft Personal Information Protection Law.
Continue Reading CIPL Submits Comments on China’s Updated Draft Personal Information Protection Law

On May 26, 2021, the Court of Appeal handed down its judgment in the case of R (Open Rights Group and the3million) v Secretary of State for the Home Department and Others [2021] EWCA Civ 800, finding that the UK 2018 Data Protection Act’s “immigration exemption” is unlawful.
Continue Reading UK Court of Appeal Signals It Will Closely Scrutinize UK DPA Exemptions

On May 20, 2021, the Belgian Data Protection Authority announced that it had approved the EU Data Protection Code of Conduct for Cloud Service Providers, the first transnational EU code of conduct since the entry into force of the EU General Data Protection Regulation.
Continue Reading Belgian DPA Approves First EU Data Protection Code of Conduct for Cloud Service Providers