On January 4, 2023, the Irish Data Protection Commission announced the conclusion of two inquiries into the data processing practices of Meta Platforms, Inc. on the Instagram and Facebook platforms.
Continue Reading Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context
Schrems
CIPL Responds to EDPB’s Calls for Public Comments on Recommendations for Controller Binding Corporate Rules
On January 10, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth responded to a call for public comments from the European Data Protection Board regarding their Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR). …
Continue Reading CIPL Responds to EDPB’s Calls for Public Comments on Recommendations for Controller Binding Corporate Rules
European Commission to Start Adequacy Decision Adoption Process for the EU-U.S. Data Privacy Framework
On December 13, 2022, the European Commission launched the process for the adoption of an adequacy decision for the EU-U.S. Data Privacy Framework.
Continue Reading European Commission to Start Adequacy Decision Adoption Process for the EU-U.S. Data Privacy Framework
Speakers Optimistic About New EU-U.S. Data Privacy Framework
On December 12, 2022, at the “POLITICO Live” event sponsored by Hunton Andrews Kurth LLP’s Centre for Information Policy Leadership, speakers from both sides of the Atlantic were optimistic that the new EU-U.S. Data Privacy Framework will withstand an anticipated legal challenge.
Continue Reading Speakers Optimistic About New EU-U.S. Data Privacy Framework
UK ICO Publishes New Guidance and a Tool for Transfer Risk Assessments
On November 17, 2022, the UK Information Commissioner’s Office published updated guidance on international transfers that includes a new section on transfer risk assessments and a transfer risk assessment tool. …
Continue Reading UK ICO Publishes New Guidance and a Tool for Transfer Risk Assessments
Danish DPA Declares Use of Google Analytics Unlawful Without Supplementary Measures
On September 21, 2022, Denmark’s data protection authority Datatilsynet announced its guidance that Google Analytics, Google’s audience measurement tool, is not compliant with the EU General Data Protection Regulation. …
Continue Reading Danish DPA Declares Use of Google Analytics Unlawful Without Supplementary Measures
Irish Data Protection Commission Moves to Block Meta Transfers
Only July 7, 2022, the Irish Data Protection Commission sent a draft decision to other European Union data protection authorities, proposing to block Meta’s transfers of personal data from the EU to the United States. …
Continue Reading Irish Data Protection Commission Moves to Block Meta Transfers
Italian Garante Bans Google Analytics
On June 23, 2022, Italy’s data protection authority determined that a website’s use of the audience measurement tool Google Analytics is not compliant with the EU General Data Protection Regulation, as the tool transfers personal data to the United States, which does not offer an adequate level of data protection. …
Continue Reading Italian Garante Bans Google Analytics
CNIL Unveils 2021 Annual Activity Report
The French Data Protection Authority recently published its Annual Activity Report for 2021.
Continue Reading CNIL Unveils 2021 Annual Activity Report
EDPB Adopts Statement on the Announcement of an Enhanced EU-U.S. Privacy Shield
On March 7, 2022, the European Data Protection Board released a statement on the announcement of a new Trans-Atlantic Data Privacy Framework.
Continue Reading EDPB Adopts Statement on the Announcement of an Enhanced EU-U.S. Privacy Shield