On January 10, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth responded to a call for public comments from the European Data Protection Board regarding their Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR).
Continue Reading CIPL Responds to EDPB’s Calls for Public Comments on Recommendations for Controller Binding Corporate Rules
European Data Protection Board
CPPA Board Holds Meeting on Status of CPRA Rulemaking and Other Topics
On December 16, 2022, the California Privacy Protection Agency Board held a public meeting regarding the status of the California Privacy Rights Act of 2020 rulemaking process and other topics, such as the CPPA’s advocacy regarding proposed federal and state privacy legislation. …
Continue Reading CPPA Board Holds Meeting on Status of CPRA Rulemaking and Other Topics
European Commission to Start Adequacy Decision Adoption Process for the EU-U.S. Data Privacy Framework
On December 13, 2022, the European Commission launched the process for the adoption of an adequacy decision for the EU-U.S. Data Privacy Framework.
Continue Reading European Commission to Start Adequacy Decision Adoption Process for the EU-U.S. Data Privacy Framework
UK ICO Publishes New Guidance and a Tool for Transfer Risk Assessments
On November 17, 2022, the UK Information Commissioner’s Office published updated guidance on international transfers that includes a new section on transfer risk assessments and a transfer risk assessment tool. …
Continue Reading UK ICO Publishes New Guidance and a Tool for Transfer Risk Assessments
President Biden Issues Executive Order on New EU-U.S. Data Transfer Pact
On October 7, 2022, President Biden signed Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities, which provides a new framework for legal data transfers between the European Union and the United States. …
Continue Reading President Biden Issues Executive Order on New EU-U.S. Data Transfer Pact
Danish DPA Declares Use of Google Analytics Unlawful Without Supplementary Measures
On September 21, 2022, Denmark’s data protection authority Datatilsynet announced its guidance that Google Analytics, Google’s audience measurement tool, is not compliant with the EU General Data Protection Regulation. …
Continue Reading Danish DPA Declares Use of Google Analytics Unlawful Without Supplementary Measures
EDPB Publishes Guidelines on the Calculation of Administrative Fines Under the GDPR
The European Data Protection Board recently adopted Guidelines 04/2022 on the calculation of administrative fines under the GDPR. This blog entry provides a summary of the Guidelines. …
Continue Reading EDPB Publishes Guidelines on the Calculation of Administrative Fines Under the GDPR
CNIL Unveils 2021 Annual Activity Report
The French Data Protection Authority recently published its Annual Activity Report for 2021.
Continue Reading CNIL Unveils 2021 Annual Activity Report
EDPB Adopts Statement on the Announcement of an Enhanced EU-U.S. Privacy Shield
On March 7, 2022, the European Data Protection Board released a statement on the announcement of a new Trans-Atlantic Data Privacy Framework.
Continue Reading EDPB Adopts Statement on the Announcement of an Enhanced EU-U.S. Privacy Shield
EDPB Adopts Guidelines on Codes of Conduct as Tools for Transfers
On February 22, 2022, the European Data Protection Board adopted its final Guidelines 04/2021 on Codes of Conduct as tools for transfers, following a public consultation that took place in 2021.
Continue Reading EDPB Adopts Guidelines on Codes of Conduct as Tools for Transfers