The draft guidelines provide further clarification to the EDPB’s interpretation of legitimate interests, and suggest a potential divergence with the UK ICO....more
11/25/2024
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Processors ,
Draft Guidance ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marketing ,
Multi-Factor Test ,
Personal Data ,
UK
On 3 May 2022, the European Commission launched its proposal for a Regulation for the European Health Data Space to “unleash the full potential of health data”. However, questions arise as to whether this proposal is a...more
11/2/2022
/ Biometric Information ,
Consent ,
Data Controller ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Health Care Providers ,
Medical Research ,
Personal Data ,
PHI ,
Portability ,
Public Health ,
Public Policy ,
Transparency
The EDPB sets out relevant steps and factors that EU supervisory authorities should consider when calculating administrative fines under the GDPR.
On 16 May 2022, the European Data Protection Board (EDPB) adopted draft...more
6/1/2022
/ Data Controller ,
Data Processors ,
Data Protection ,
Draft Guidance ,
European Data Protection Board (EDPB) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Infringement ,
Personal Data ,
Statutory Penalties ,
Trademark Infringement
Companies have three months to prepare to use the latest standard contractual clauses for new data transfers, and 18 months to migrate existing arrangements.
On 4 June 2021, the European Commission released its...more
6/28/2021
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
The European Commission has published draft updated standard contractual clauses in light of the Schrems II decision.
On 12 November 2020, the European Commission (the Commission) published a draft implementing decision,...more
12/8/2020
/ Data Controller ,
Data Processors ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Personal Data ,
Public Consultations ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
IT companies face higher fines in Russia for noncompliance with data privacy and content moderation rules.
In December 2019, Russia imposed large fines for certain types of violations of the Russian data privacy and...more
In less than one year, from 25 May 2018, the General Data Protection Regulation (GDPR or Regulation) will become enforceable. The GDPR introduces a rigorous, far-reaching privacy framework for businesses that operate, target...more
6/2/2017
/ CNIL ,
Data Controller ,
Data Processors ,
EU ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Multinationals ,
UK ,
UK Brexit ,
UK Data Protection Act
The General Data Protection Regulation (GDPR or Regulation) will become applicable in one year, as of May 25, 2018. A lot has happened since we set out the key provisions of the Regulation last year....more
Businesses have two years to comply with Europe’s new privacy regime.
On 24 May 2016, after more than four years of debate, the General Data Protection Regulation (GDPR, or the Regulation) enters into force. The GDPR...more
5/25/2016
/ Binding Corporate Rules ,
Cyber Incident Reporting ,
Data Controller ,
Data Processors ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Parental Consent ,
Personal Data ,
Privacy Policy ,
Recordkeeping Requirements ,
Standard Contractual Clauses