On September 21, 2023, the UK Information Commissioner’s Office published an opinion on the UK Government’s assessment of adequacy for the UK Extension to the EU-U.S. Data Privacy Framework.
Continue Reading The UK ICO Publishes Opinion on UK Government’s Assessment of Adequacy for the UK Extension to the EU-U.S. DPF
GDPR
Irish Regulator Fines TikTok 345 Million Euros
On September 15, 2023, the Irish Data Protection Commission announced a fine of 345 million Euros against TikTok Technology Limited for non-compliance with GDPR rules regarding the processing of personal data from child users. …
Continue Reading Irish Regulator Fines TikTok 345 Million Euros
European Data Protection Board Issues Information Note on Data Transfers under the Data Privacy Framework
On July 19, 2023, the European Data Protection Board issued an Information Note regarding data transfers to the U.S. following the adoption of an adequacy decision on the EU-U.S. Data Privacy Framework on July 10, 2023.
Continue Reading European Data Protection Board Issues Information Note on Data Transfers under the Data Privacy Framework
Norwegian DPA Adopts Measures Regarding Meta’s Behavioral Advertising Activities
On July 14, 2023, the Norwegian Data Protection Authority ordered Meta Platforms Ireland Limited and Facebook Norway AS to temporarily cease the processing of personal data of data subjects in Norway for the purpose of targeting ads on the basis of “observed behavior” when relying on the contractual necessity legal basis or the legitimate interests legal basis of the GDPR. …
Continue Reading Norwegian DPA Adopts Measures Regarding Meta’s Behavioral Advertising Activities
Argentina Personal Data Protection Bill Sent to Congress
Pablo A. Palazzi from Allende & Brea in Argentina reports that on June 30, 2023, the Argentine Executive Branch sent the new Personal Data Protection Bill to the National Congress. The Bill was drafted by the Argentine Data Protection Authority and seeks to amend the current Personal Data Protection Act (Law No. 25,326 of 2000).
Continue Reading Argentina Personal Data Protection Bill Sent to Congress
European Commission Proposes Regulation on the Harmonization of Rules Regarding Enforcement of the GDPR
On July 4, 2023, the European Commission proposed a new Regulation laying down additional procedural rules relating to the enforcement of the GDPR at the EU level. …
Continue Reading European Commission Proposes Regulation on the Harmonization of Rules Regarding Enforcement of the GDPR
EDPB Adopts Guidance on Controller Binding Corporate Rules
On June 30, 2023, the European Data Protection Board published Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR), which were adopted on June 20, 2023. …
Continue Reading EDPB Adopts Guidance on Controller Binding Corporate Rules
Council and European Parliament Reach Political Agreement on the Data Act
On June 27, 2023, the Council and the European Parliament reached a Political Agreement on the Proposal for a Regulation on harmonized rules on fair access to and use of data.
Continue Reading Council and European Parliament Reach Political Agreement on the Data Act
European Parliament Agrees on Position on the AI Act
On June 14, 2023, the European Parliament approved its negotiating mandate regarding the EU’s Proposal for a Regulation laying down harmonized rules on Artificial Intelligence, and the vote in the Parliament means that EU institutions may now start trilogue negotiations. …
Continue Reading European Parliament Agrees on Position on the AI Act
EDPB Adopts Guidelines on the Calculation of Administrative Fines
On June 7, 2023, the European Data Protection Board adopted the final version of its Guidelines on the calculation of administrative fines under the GDPR. …
Continue Reading EDPB Adopts Guidelines on the Calculation of Administrative Fines