On September 23, 2019, the Office of the Privacy Commissioner of Canada announced that it completed its consultation on transfers for processing and that the OPC’s current guidelines for processing personal data across borders—under which consent for transfers to data processors is not required—remain unchanged.
Continue Reading
Data Processor
CNIL Updates FAQs to Prepare for a No-deal Brexit
Posted on
On September 10, 2019, the French data protection authority updated its existing set of questions and answers (“FAQs”) on the impact of a no-deal Brexit on data transfers from the EU to the UK and discussed how controllers should prepare.…
Continue Reading
Belgian DPA to Further Investigate Data Breach Affecting Temporary Employment Agency’s Employee Fingerprints
Posted on
On August 21, 2019, the Belgian Data Protection Authority published a press release informing of its intention to further investigate a data breach that was notified by Adecco Belgium, a temporary employment agency.…
Continue Reading
Dutch DPA to Approve Netherlands Code of Conduct for ICT
Posted on
Posted in European Union, International
On August 12, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced its intent to approve Nederland ICT’s Data Pro Code (the “Code”), a code of conduct for the ICT sector. Nederland ICT represents data processors from the IT sector. Data processors that process personal data on behalf of and for a data controller can join this code of conduct. The draft decision of the Dutch DPA regarding the Code was published in the Official Journal of the Netherlands (the “Staatscourant”) on August 12 and interested parties have six weeks to submit their opinion on the draft decision.
…
Continue Reading
EDPB Releases 2018 Annual Report
Posted on
Posted in European Union, International
On July 16, 2019, the European Data Protection Board published its first Annual Report for 2018, and this blog entry provides highlights from the report.…
Continue Reading
EDPB Adopts Guidelines on Codes of Conduct and Monitoring Bodies
Posted on
Posted in European Union, International
The European Data Protection Board recently adopted its Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. This blog entry provides an overview of the Guidelines.…
Continue Reading
European Commission Publishes Results of Surveys on One Year of GDPR Application
Posted on
Posted in European Union, International
To mark the GDPR’s one-year anniversary, the European Commission recently published the results of two surveys meant to illuminate the public’s awareness of the GDPR and its practical applications. This blog entry provides an overview.…
Continue Reading
Key Conclusions from Hunton Brussels Seminar on the Update of EU Standard Contractual Clauses for International Data Transfers
Posted on
Hunton Andrews Kurth and its Centre for Information Policy Leadership recently hosted more than 30 privacy leaders for a roundtable seminar on the update of the EU Standard Contractual Clauses for international data transfers. This blog entry provides highlights from the event.…
Continue Reading
APEC Endorses Additional U.S. CBPR and PRP Accountability Agent
Posted on
Posted in International
On May 31, 2019, the Asia-Pacific Economic Cooperation endorsed Schellman & Company as the second U.S. Accountability Agent to oversee its Cross-Border Privacy Rules and Privacy Recognition for Processors systems. This blog entry provides an overview of the developments. …
Continue Reading
China Issues Draft of Data Security Administrative Measures
Posted on
On May 28, 2019, the Cyberspace Administration of China released draft Data Security Administrative Measures for public comment. This blog entry provides an overview of the proposed provisions.…
Continue Reading