On September 7, 2020, the European Data Protection Board released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation. We provide a summary of the key takeaways from the guidelines.
Continue Reading EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR
European Data Protection Board
EDPB Creates Taskforces on Complaints and Supplementary Measures for Data Transfers Following Schrems II Decision
Posted on
Posted in European Union, International
On September 4, 2020, the European Data Protection Board announced that it established two taskforces following the judgment of the CJEU in the Schrems II case. …
Continue Reading EDPB Creates Taskforces on Complaints and Supplementary Measures for Data Transfers Following Schrems II Decision
European Parliament Meeting on Future of EU-U.S. Data Flows
Posted on
On September 3, 2020, the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament held a meeting to discuss the future of EU-U.S. data flows following the Schrems II judgment of the Court of Justice of the European Union.…
Continue Reading European Parliament Meeting on Future of EU-U.S. Data Flows
Dutch “Data Pro Code” Approved
Posted on
Posted in International
On August 27, 2020, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced it approved the “Data Pro Code,” a code of conduct drafted by industry association NLdigital (the “Code”). This Code is the first code of conduct approved by the Dutch DPA under the EU General Data Protection Regulation (the “GDPR”). Adhering to the Code will help organizations active in the Information and Communications Technology sector comply with their obligations under the GDPR. The Code includes, among other things, a series of practical GDPR compliance tools, such as the “Data Pro Statement” that companies may use to inform potential customers of the data protection safeguards they have in place.
…
Continue Reading Dutch “Data Pro Code” Approved
Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision
Posted on
The U.S. Department of Commerce has issued two new sets of FAQs in light of the CJEU’s recent decision to invalidate the EU-U.S. Privacy Shield in Schrems II. …
Continue Reading Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision
Schrems II Update: German SAs Require Additional Safeguards for U.S. Transfers and Max Schrems Set to Challenge Facebook Data Transfers Again
Posted on
Posted in European Union, International
On July 28, 2020, German supervisory authorities issued a statement reiterating the requirement for additional safeguards when organizations rely on Standard Contractual Clauses or Binding Corporate Rules for the transfer of personal data to third countries in the wake of the Court of Justice of the European Union’s invalidation of the Privacy Shield Framework.…
Continue Reading Schrems II Update: German SAs Require Additional Safeguards for U.S. Transfers and Max Schrems Set to Challenge Facebook Data Transfers Again
EDPB Adopts Information Note on BCRs in Preparation for Brexit
Posted on
Posted in European Union, International
On July 22, 2020, the European Data Protection Board adopted an information note to assist organizations relying on Binding Corporate Rules for international personal data transfers, as well as supervisory authorities, in preparing for the end of the Brexit implementation period on December 31, 2020.…
Continue Reading EDPB Adopts Information Note on BCRs in Preparation for Brexit
EDPB Publishes FAQs on Implications of the Schrems II Case
Posted on
Posted in European Union, International
On July 24, 2020, the European Data Protection Board published a set of Frequently Asked Questions on the judgment of the Court of Justice of the European Union in the Schrems II case.…
Continue Reading EDPB Publishes FAQs on Implications of the Schrems II Case
Regulators Issue Reactions to Invalidation of EU-U.S. Privacy Shield Framework
Posted on
In the aftermath of the CJEU’s unexpected ruling, organizations in the EU and U.S. that rely on Privacy Shield certification for transfers of EU personal data are awaiting guidance from EU data protection regulators. …
Continue Reading Regulators Issue Reactions to Invalidation of EU-U.S. Privacy Shield Framework
CIPL Submits White Paper on Data Subject Rights
Posted on
On July 8, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its White Paper as input for the European Data Protection Board’s future guidelines on data subject rights. …
Continue Reading CIPL Submits White Paper on Data Subject Rights