The European Data Protection Board has adopted its final guidelines on the territorial scope of the GDPR, taking into account the feedback it received during the public consultation of its draft guidelines published on November 23, 2018.
Continue Reading
Data Processor
EDPB Publishes Guidelines on Data Protection by Design and by Default
On November 13, 2019, the European Data Protection Board published its draft guidelines 4/2019 on the obligation of Data Protection by Design and by Default set out under Article 25 of the EU General Data Protection Regulation. …
Continue Reading
Canada’s Privacy Commissioner Ends Effort to Require Consent for Transborder Data Transfer
On September 23, 2019, the Office of the Privacy Commissioner of Canada announced that it completed its consultation on transfers for processing and that the OPC’s current guidelines for processing personal data across borders—under which consent for transfers to data processors is not required—remain unchanged.…
Continue Reading
CNIL Updates FAQs to Prepare for a No-deal Brexit
On September 10, 2019, the French data protection authority updated its existing set of questions and answers (“FAQs”) on the impact of a no-deal Brexit on data transfers from the EU to the UK and discussed how controllers should prepare.…
Continue Reading
Belgian DPA to Further Investigate Data Breach Affecting Temporary Employment Agency’s Employee Fingerprints
On August 21, 2019, the Belgian Data Protection Authority published a press release informing of its intention to further investigate a data breach that was notified by Adecco Belgium, a temporary employment agency.…
Continue Reading
Dutch DPA to Approve Netherlands Code of Conduct for ICT
On August 12, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced its intent to approve Nederland ICT’s Data Pro Code (the “Code”), a code of conduct for the ICT sector. Nederland ICT represents data processors from the IT sector. Data processors that process personal data on behalf of and for a data controller can join this code of conduct. The draft decision of the Dutch DPA regarding the Code was published in the Official Journal of the Netherlands (the “Staatscourant”) on August 12 and interested parties have six weeks to submit their opinion on the draft decision.
…
Continue Reading
EDPB Releases 2018 Annual Report
On July 16, 2019, the European Data Protection Board published its first Annual Report for 2018, and this blog entry provides highlights from the report.…
Continue Reading
EDPB Adopts Guidelines on Codes of Conduct and Monitoring Bodies
The European Data Protection Board recently adopted its Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. This blog entry provides an overview of the Guidelines.…
Continue Reading
European Commission Publishes Results of Surveys on One Year of GDPR Application
To mark the GDPR’s one-year anniversary, the European Commission recently published the results of two surveys meant to illuminate the public’s awareness of the GDPR and its practical applications. This blog entry provides an overview.…
Continue Reading
Key Conclusions from Hunton Brussels Seminar on the Update of EU Standard Contractual Clauses for International Data Transfers
Hunton Andrews Kurth and its Centre for Information Policy Leadership recently hosted more than 30 privacy leaders for a roundtable seminar on the update of the EU Standard Contractual Clauses for international data transfers. This blog entry provides highlights from the event.…
Continue Reading