On March 15, 2023, the UK Information Commissioner’s Office published an updated version of its guidance on AI and data protection, following requests from UK industry to clarify requirements for fairness in AI.
Continue Reading UK ICO Issues Updated Guidance on AI and Data Protection
International
International Data Transfers: Time to Rethink Binding Corporate Rules
This is an excerpt from CIPL President Bojana Bellamy’s recently published piece in the IAPP “Privacy Perspectives” blog. This piece discusses binding corporate rules as important transfer mechanism.
Continue Reading International Data Transfers: Time to Rethink Binding Corporate Rules
UK Introduces Data Protection and Digital Information (No. 2) Bill
On March 8, 2023, the UK Secretary of State for Science, Innovation and Technology, Michelle Donelan, introduced the Data Protection and Digital Information (No. 2) Bill to UK Parliament.
Continue Reading UK Introduces Data Protection and Digital Information (No. 2) Bill
Irish Data Protection Commission Publishes Annual Report for 2022
On March 7, 2023, the Irish Data Protection Commission published its Annual Report for 2022. …
Continue Reading Irish Data Protection Commission Publishes Annual Report for 2022
EDPB issues its Opinion on the EU-U.S. Data Privacy Framework
On February 28, 2023, the European Data Protection Board issued its Opinion 5/2023 on the European Commission Draft Implementing Decision on the adequate protection of personal data under the EU-U.S. Data Privacy Framework. …
Continue Reading EDPB issues its Opinion on the EU-U.S. Data Privacy Framework
EDPB Adopts Three Sets of Guidelines in Final Form
On February 24, 2023, following public consultation, the European Data Protection Board published the following three sets of adopted guidelines. …
Continue Reading EDPB Adopts Three Sets of Guidelines in Final Form
UK Tribunal Rules on Direct Marketing ICO Case Against Experian
On February 20, 2023, in the case of Experian Limited v The Information Commissioner, the First-Tier Tribunal in the UK ruled on the ICO’s action to require Experian to change how it processes personal data for direct marketing purposes.
Continue Reading UK Tribunal Rules on Direct Marketing ICO Case Against Experian
European Parliament Committee Opposes Adequacy Under EU-U.S. Data Privacy Framework in Draft Opinion
On February 14, 2023, in a Draft Motion for a Resolution on the adequacy of the protection afforded by the proposed EU-U.S. Data Privacy Framework, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs urged the European Commission not to adopt the Framework, on the basis that it “fails to create actual equivalence” with the EU in the level of data protection that it provides. …
Continue Reading European Parliament Committee Opposes Adequacy Under EU-U.S. Data Privacy Framework in Draft Opinion
CJEU Clarifies Rules on Conflict of Interest in Relation to DPO Role
On February 9, 2023, the Court of Justice of the European Union issued a judgment in the X-FAB Dresden case. …
Continue Reading CJEU Clarifies Rules on Conflict of Interest in Relation to DPO Role
CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input
On January 26, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth responded to a call for input from the UK’s Digital Regulation Cooperation Forum on its workplan for 2023 – 2024. …
Continue Reading CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input