On September 23, 2019, the Office of the Privacy Commissioner of Canada announced that it completed its consultation on transfers for processing and that the OPC’s current guidelines for processing personal data across borders—under which consent for transfers to data processors is not required—remain unchanged.
Continue Reading
Data Transfer
Philippines Submits Notice of Intent to Join the APEC CBPR
Posted on
Posted in International
On September 20, 2019, the Philippines National Privacy Commission announced it has filed its notice of intent to join the APEC Cross-Border Privacy Rule system.…
Continue Reading
Ecuador Fast-Tracks Data Protection Law in Wake of Massive Breach
Posted on
Posted in International, Security Breach
Ecuador is seeking to pass a data protection bill in the wake of a massive data breach that resulted in the personal data of up to 20 million people being made available online.…
Continue Reading
CNIL Updates FAQs to Prepare for a No-deal Brexit
Posted on
On September 10, 2019, the French data protection authority updated its existing set of questions and answers (“FAQs”) on the impact of a no-deal Brexit on data transfers from the EU to the UK and discussed how controllers should prepare.…
Continue Reading
CIPL Issues White Paper on New Standard Contractual Clauses for International Transfers under the GDPR
Posted on
On August 7, 2019, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP issued a white paper on “Key Issues Relating to Standard Contractual Clauses for International Transfers and the Way Forward for New Standard Contractual Clauses under the GDPR.” The White Paper was submitted to the European Commission as part of its ongoing work to update EU Standard Contractual Clauses for international transfers.…
Continue Reading
APEC Endorses Singapore CBPR Accountability Agent
Posted on
Posted in International
On July 23, 2019, APEC issued a press release announcing the recent appointment of the Infocomm Media Development Authority as Singapore’s Accountability Agent for the APEC Cross-Border Privacy Rules and APEC Privacy Recognition for Processors.…
Continue Reading
EDPB Publishes Opinion on the Competence of a Supervisory Authority in Change in Circumstances Relating to the Main or Single Establishment
Posted on
Posted in European Union, International
On July 9, 2019, the European Data Protection Board adopted Opinion 8/2019 on the Competence of a Supervisory Authority in Case of a Change in Circumstances Relating to the Main or Single Establishment at the request of the French and the Swedish data protection authorities.…
Continue Reading
The Schrems Saga Continues: Schrems II Case Heard Before the CJEU
Posted on
Posted in European Union, International
On July 9, 2019, the hearing in the so-called Schrems II case (case C-311/18) took place at the Court of Justice of the European Union in Luxembourg. This blog entry provides highlights from the hearing, and also discusses the potential impact of the CJEU’s judgment in the case in the EU data protection landscape.…
Continue Reading
FTC Takes Action Against Companies Misrepresenting Compliance with the EU-U.S. Privacy Shield and Other International Privacy Agreements
Posted on
On June 14, 2019, the Federal Trade Commission announced that it has taken action against a number of companies that allegedly misrepresented their compliance with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks and other international privacy agreements. This blog entry provides an overview of these developments.…
Continue Reading
China Issues Draft Regulation on Cross-Border Transfer of Personal Information
Posted on
Posted in Cybersecurity, International
On June 13, 2019, the Cyberspace Administration of China released Draft Measures on Security Assessment of Cross-Border Transfer of Personal Information for public comment. This blog entry provides an overview of the proposed provisions.…
Continue Reading