On March 29 and 30, 2022, the California Privacy Protection Agency will hold public pre-rulemaking informational sessions regarding the California Privacy Rights Act via video conference.
Continue Reading CPPA Holding Public Pre-Rulemaking Meetings on the CPRA on March 29 and March 30
Data Processor
EDPB Adopts Guidelines on Codes of Conduct as Tools for Transfers
Posted on
Posted in European Union, International
On February 22, 2022, the European Data Protection Board adopted its final Guidelines 04/2021 on Codes of Conduct as tools for transfers, following a public consultation that took place in 2021.
Continue Reading EDPB Adopts Guidelines on Codes of Conduct as Tools for Transfers
China Releases Draft Regulations on Network Data Security Management
Posted on
The Cyberspace Administration of China released for public comment the draft Regulations on Network Data Security Management. The Draft Regulations are intended to implement portions of three existing laws: the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law. In this blog entry, we discuss several of the key areas addressed by the Draft Regulations.
Continue Reading China Releases Draft Regulations on Network Data Security Management
CNIL Published Guidelines on Re-Use of Personal Data by Data Processors
Posted on
Posted in European Union, International
The CNIL recently published guidelines on the re-use of personal data by data processors for their own purposes (such as product improvement or development of new products and services) under the GDPR. We have outlined key takeaways from the Guidelines in this blog post.
Continue Reading CNIL Published Guidelines on Re-Use of Personal Data by Data Processors
The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR
Posted on
Posted in European Union, International
On November 19, 2021, the European Data Protection Board published its draft Guidelines 05/2021 on the interplay between the application of Article 3 of the GDPR, which sets forth the GDPR’s territorial scope, and the GDPR’s provisions on international data transfers.
Continue Reading The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR
Colorado Privacy Act Signed Into Law
Posted on
Posted in U.S. State Law
On July 8, 2021, Colorado Governor Jared Polis signed SB21-190, the Colorado Privacy Act, into law, making Colorado the third state to have a comprehensive data privacy law on the books, following California and Virginia. This blog entry provides a summary of the Act.
Continue Reading Colorado Privacy Act Signed Into Law
EDPB Releases Final Recommendations on Supplementary Measures for International Transfers
Posted on
On June 21, 2021, the European Data Protection Board published the final version of its recommendations on supplementary measures in the context of international transfer safeguards, such as Standard Contractual Clauses.
Continue Reading EDPB Releases Final Recommendations on Supplementary Measures for International Transfers
China Issues Data Security Law
Posted on
After two rounds of public comments, the Data Security Law of the People’s Republic of China was formally issued on June 10, 2021, and will become effective on September 1, 2021. This blog entry provides highlights of the new law.
Continue Reading China Issues Data Security Law
CJEU Issues Ruling on Jurisdictional Aspects of the GDPR’s One-Stop-Shop
Posted on
Posted in European Union, International
On June 15, 2021, the Court of Justice of the European Union released its judgment in case C-645/19 of Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority. We provide highlights of the case in this blog entry.
Continue Reading CJEU Issues Ruling on Jurisdictional Aspects of the GDPR’s One-Stop-Shop
European Commission Publishes Final Version of Updated Standard Contractual Clauses
Posted on
Posted in European Union, International
On June 4, 2021, the European Commission published the final version of the implementing decision on standard contractual clauses for transfers of personal data to third countries under the EU General Data Protection Regulation, as well as the final version of the new standard contractual clauses.
Continue Reading European Commission Publishes Final Version of Updated Standard Contractual Clauses