On November 18, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the Standing Committee of the National People’s Congress of the People’s Republic of China on the Draft Personal Information Protection Law.
Continue Reading CIPL Submits Response to China’s Personal Information Protection Law

On November 12, 2020, somewhat in the shadow of the new standard contractual clauses for data transfers to recipients outside the European Economic Area, the European Commission also adopted draft standard contractual clauses to be used between controllers and processors in the EEA.
Continue Reading European Commission Releases Draft Standard Contractual Clauses for Article 28 Data Processing Agreements

On November 12, 2020, the European Commission published a draft implementing decision on standard contractual clauses for the transfer of personal data to third countries pursuant to the GDPR, along with its draft set of new standard contractual clauses. This blog entry provides key takeaways on the draft decision.
Continue Reading European Commission Publishes Draft of New Standard Contractual Clauses

On November 11, 2020, the European Data Protection Board published its long-awaited recommendations following the Schrems II judgement regarding supplementary measures that may be implemented to ensure the adequate protection of personal data when transferring the data to third countries.
Continue Reading EDPB Adopts Recommendations on Supplementary Measures for Data Transfers Following Schrems II Decision

On October 13, 2020, France’s highest administrative court issued a summary judgment that rejected a request for the suspension of France’s centralized health data platform, Health Data Hub.
Continue Reading French Highest Court Rejects Temporary Suspension of France’s Health Data Hub; Calls for Additional Guarantees Following Schrems II

The Centre for Information Policy Leadership at Hunton Andrews Kurth recently published a concept paper titled “Why We Need Interstate Privacy Rules for the U.S.” This blog entry provides highlights on the paper.
Continue Reading CIPL Publishes Concept Paper on an Interstate Privacy Interoperability Code of Conduct

On September 28, 2020, the U.S. Department of Commerce, along with the U.S. Department of Justice and the Office of the Director of National Intelligence, released a White Paper entitled Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II (the “White Paper”). The White Paper outlines privacy safeguards in and updates to the U.S. surveillance provisions flagged by the Court of Justice of the European Union (“CJEU”) in its Schrems II decision. It is intended to serve as a resource for companies transferring personal data from the EU to the U.S. in the wake of the CJEU’s decision overturning the EU-U.S. Privacy Shield. Particularly, it focuses on companies relying on Standard Contractual Clauses (“SCCs”) for data transfers, and provides information to help them determine whether the U.S. ensures adequate privacy protections for companies’ data.

Continue Reading U.S. Government Issues White Paper on Data Transfers after Schrems II Decision