On November 9, 2023, the European Parliament adopted, by a majority of 481 votes in favor, 31 votes against and 71 abstentions, the final text of the Data Act.
Continue Reading European Parliament Adopts Final Version of the Data Act
Data Transfer
China Proposes New Rules for Data Transfers
On September 28, 2023, the Cyberspace Administration of China released the “Provisions on Regulating and Facilitating Cross-Border Data Flows” for public comment. …
Continue Reading China Proposes New Rules for Data Transfers
BREAKING: UK-U.S. Data Bridge Finalized
On September 21, 2023, UK Secretary of State for Science, Innovation and Technology Michelle Donelan laid regulations in the UK Parliament, giving effect to a UK-U.S. Data Bridge.
Continue Reading BREAKING: UK-U.S. Data Bridge Finalized
European Data Protection Board Issues Information Note on Data Transfers under the Data Privacy Framework
On July 19, 2023, the European Data Protection Board issued an Information Note regarding data transfers to the U.S. following the adoption of an adequacy decision on the EU-U.S. Data Privacy Framework on July 10, 2023.
Continue Reading European Data Protection Board Issues Information Note on Data Transfers under the Data Privacy Framework
BREAKING: EU Commission Adopts EU-U.S. Data Privacy Framework Adequacy Decision
On July, 10 2023, the European Commission formally adopted a new adequacy decision on the EU-U.S. Data Privacy Framework, which follows years of intense negotiations between the EU and the U.S. after the invalidation of the EU-U.S. Privacy Shield by the CJEU in the Schrems II case.
Continue Reading BREAKING: EU Commission Adopts EU-U.S. Data Privacy Framework Adequacy Decision
EDPB Adopts Guidance on Controller Binding Corporate Rules
On June 30, 2023, the European Data Protection Board published Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR), which were adopted on June 20, 2023. …
Continue Reading EDPB Adopts Guidance on Controller Binding Corporate Rules
Global Data Flows and Transfer Mechanisms – CIPL Publishes New FAQs About CBPR and PRP
On June 26, 2023, the Centre for Information Policy Leadership (CIPL) published the third edition of its Frequently Asked Questions on Cross-Border Privacy Rules, Privacy Recognition for Processors, and Global CBPR and PRP (FAQs).
Continue Reading Global Data Flows and Transfer Mechanisms – CIPL Publishes New FAQs About CBPR and PRP
China Issues Guidelines regarding Filing Standard Contracts for Cross-Border Transfer of Personal Information
On May 30, 2023, the Cyberspace Administration of China issued the Guideline for Filing the Standard Contract for Cross-border Transfer of Personal Information. …
Continue Reading China Issues Guidelines regarding Filing Standard Contracts for Cross-Border Transfer of Personal Information
Irish Regulator Fines Meta 1.2 Billion Euros and Orders it to Cease Data Transfers to the U.S.
On May 22, 2023, the Irish Data Protection Commission announced a €1.2 billion fine against Meta Ireland for unlawfully transferring personal data to the U.S. …
Continue Reading Irish Regulator Fines Meta 1.2 Billion Euros and Orders it to Cease Data Transfers to the U.S.
International Data Transfers: Time to Rethink Binding Corporate Rules
This is an excerpt from CIPL President Bojana Bellamy’s recently published piece in the IAPP “Privacy Perspectives” blog. This piece discusses binding corporate rules as important transfer mechanism.
Continue Reading International Data Transfers: Time to Rethink Binding Corporate Rules