The Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP is pleased to announce Matthew Starr and Giovanna Carloni have joined CIPL, adding to its expertise in global privacy and data protection policy.
Continue Reading
Data Protection Authority
Swedish Data Protection Authority Issues First Fine Under GDPR
Posted on
On August 21, 2019, the Swedish Data Protection Authority imposed its first fine since the EU General Data Protection Regulation came into effect, fining a school 200,000 Swedish Kroner for creating a facial recognition program in violation of the GDPR.…
Continue Reading
Belgian DPA to Further Investigate Data Breach Affecting Temporary Employment Agency’s Employee Fingerprints
Posted on
On August 21, 2019, the Belgian Data Protection Authority published a press release informing of its intention to further investigate a data breach that was notified by Adecco Belgium, a temporary employment agency.…
Continue Reading
CIPL Responds to Canada’s Reframed Consultation on Transfers for Processing
Posted on
On August 5, 2019, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP responded to the Office of the Privacy Commissioner of Canada’s (“OPC”) reframed consultation on transfers for processing. The reframed consultation replaced a previously suspended OPC consultation dealing with the same topic to which CIPL had also responded.
…
Continue Reading
CNIL Publishes New Template Records of Processing Activities
Posted on
Posted in European Union, International
On July 25, 2019, the French Data Protection Authority (the “CNIL”) published new template records of data processing activities pursuant to Article 30 of the EU General Data Protection Regulation (“GDPR”). This provision requires organizations subject to the GDPR to maintain internal records of data processing activities. The CNIL recalled that such records are a key accountability tool under the GDPR for identifying, understanding and controlling data processing activities. Setting up and maintaining these records provide businesses with the opportunity to ask the right questions and limit privacy risks under the GDPR. According to the CNIL, this is also a useful moment to set up a data protection compliance action plan.
…
Continue Reading
EDPB Releases 2018 Annual Report
Posted on
Posted in European Union, International
On July 16, 2019, the European Data Protection Board published its first Annual Report for 2018, and this blog entry provides highlights from the report.…
Continue Reading
CNIL Publishes New Guidelines on Cookies and Similar Technologies
Posted on
Posted in European Union, International
On July 18, 2019, the French Data Protection Authority published new guidelines on cookies and similar technologies. This blog entry provides highlights on the guidelines.…
Continue Reading
ICO Publishes First Annual Report Since GDPR’s Implementation
Posted on
The UK Information Commissioner’s Office released its first Annual Report published since the GDPR took effect. This blog entry provides a summary of the Annual Report. …
Continue Reading
EDPB Publishes Opinion on the Competence of a Supervisory Authority in Change in Circumstances Relating to the Main or Single Establishment
Posted on
Posted in European Union, International
On July 9, 2019, the European Data Protection Board adopted Opinion 8/2019 on the Competence of a Supervisory Authority in Case of a Change in Circumstances Relating to the Main or Single Establishment at the request of the French and the Swedish data protection authorities.…
Continue Reading
The Schrems Saga Continues: Schrems II Case Heard Before the CJEU
Posted on
Posted in European Union, International
On July 9, 2019, the hearing in the so-called Schrems II case (case C-311/18) took place at the Court of Justice of the European Union in Luxembourg. This blog entry provides highlights from the hearing, and also discusses the potential impact of the CJEU’s judgment in the case in the EU data protection landscape.…
Continue Reading