On June 21, 2021, the European Data Protection Board published the final version of its recommendations on supplementary measures in the context of international transfer safeguards, such as Standard Contractual Clauses.
Continue Reading EDPB Releases Final Recommendations on Supplementary Measures for International Transfers
Data Transfer
China Issues Data Security Law
Posted on
After two rounds of public comments, the Data Security Law of the People’s Republic of China was formally issued on June 10, 2021, and will become effective on September 1, 2021. This blog entry provides highlights of the new law.…
Continue Reading China Issues Data Security Law
European Commission Publishes Final Version of Updated Standard Contractual Clauses
Posted on
Posted in European Union, International
On June 4, 2021, the European Commission published the final version of the implementing decision on standard contractual clauses for transfers of personal data to third countries under the EU General Data Protection Regulation, as well as the final version of the new standard contractual clauses.…
Continue Reading European Commission Publishes Final Version of Updated Standard Contractual Clauses
CIPL Submits Comments on China’s Updated Draft Personal Information Protection Law
Posted on
The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has submitted its response to the Standing Committee of the National People’s Congress of the People’s Republic of China on the updated version of the Draft Personal Information Protection Law.…
Continue Reading CIPL Submits Comments on China’s Updated Draft Personal Information Protection Law
EDPS Opens Investigations Following Schrems II Judgment
Posted on
Posted in European Union, Information Security
On May 27, 2021, the European Data Protection Supervisor announced that it has opened two investigations regarding (1) the use of cloud services by European Union institutions, bodies and agencies; and (2) the use of Microsoft Office 365 by the European Commission.…
Continue Reading EDPS Opens Investigations Following Schrems II Judgment
Irish High Court Permits DPC Inquiry into Facebook Transfers to Proceed
Posted on
Posted in European Union, Information Security
On May 14, 2021, the Irish High Court dismissed Facebook Ireland’s challenge to the Irish Data Protection Commissioner’s investigation into the company’s international transfers of personal data.…
Continue Reading Irish High Court Permits DPC Inquiry into Facebook Transfers to Proceed
MEPs Urge European Commission to Amend Draft UK Adequacy Decision
Posted on
Posted in European Union, Information Security
On May 11, 2021, the European Parliament issued a press release requesting that the European Commission amend its draft decisions on UK adequacy to more closely align with EU court rulings and the opinion of the European Data Protection Board. The request came after the Parliament’s Civil Liberties Committee passed a resolution evaluating the Commission’s approach regarding the adequacy of the UK’s data protection regime.…
Continue Reading MEPs Urge European Commission to Amend Draft UK Adequacy Decision
China Issues Second Version of the Draft Personal Information Protection Law for Public Comments
Posted on
On April 29, 2021, China issued a second version of the draft Personal Information Protection Law. The draft will be open for public comments until May 28, 2021. …
Continue Reading China Issues Second Version of the Draft Personal Information Protection Law for Public Comments
China Issues the Second Version of the Draft of Data Security Law for Public Comments
Posted on
On April 29, 2021, China issued a second draft version of the Data Security Law (“Draft DSL”). The Draft DSL will be open for public comments until May 28, 2021.
While the framework of this version of the Draft DSL is the same as the prior version issued on July 3, 2020, below we summarize the material changes in the second version of the Draft DSL.…
Continue Reading China Issues the Second Version of the Draft of Data Security Law for Public Comments
Portuguese DPA Orders Suspension of U.S. Data Transfers by Agency That Relied on SCCs
Posted on
On April 27, 2021, the Portuguese Data Protection Authority ordered the National Institute of Statistics to suspend, within 12 hours, any international transfers of personal data to the U.S. or other third countries that have not been recognized as providing an adequate level of data protection.…
Continue Reading Portuguese DPA Orders Suspension of U.S. Data Transfers by Agency That Relied on SCCs