Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
So you have a court order from a U.S. court seeking data? In the words of Shania Twain, “That don’t impress me much!” The European Data Protection Board recently issued an opinion on cross border transfers pursuant to Art 48...more
This month the EDPB shed light on the question of lead supervisory authorities. The issue arose in response to a question late last month from the French supervisory authority. Some background. As most international...more
As those in the privacy world await the outcome of the EU-US privacy framework negotiations, the EDPB was in the news recently for a different mechanism for data transfers: Binding Corporate Rules. Namely, it adopted...more
The EU released its draft adequacy decision for the EU-US Data Privacy Framework, but all is not smooth sailing. As we wrote in October, the US developed the proposed new framework in response to the declared inadequacy of...more
It has been almost two years since the Privacy Shield was struck down as a valid data transfer mechanism in Schrems II. Many have been wondering “what’s next”? Will there be a replacement framework? When will that be...more
The EDPB issued an opinion on the draft Standard Contractual Clauses (SCC) for a controller-processor data processing agreement under Article 28 (Data Processing Agreements) submitted by the Lithuanian supervisory authority. ...more
Expect More Criminal Enforcement & What You Can Do To Minimize Your Risk - Antitrust cartel and related collusive scheme enforcement is poised to increase. Several factors support this: (1) the Antitrust Division (the...more
On November 12, 2020, the European Commission (“EC”) published a draft implementing decision on standard contractual clauses (“SCCs”) for the transfer of personal data to third countries pursuant to the General Data...more
With all that has happened this year, most of us can’t wait until 2020 is in the rear view mirror. The end of 2020, however, marks the end of the transition period provided, post-Brexit, to allow time for UK businesses and...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more
Data protection laws in Europe evolved substantially in 2018, with the implementation of the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS Directive) becoming...more
A European privacy regulator has spoken on a key facet in its General Data Protection Regulation (GDPR) interpretation. The UK’s enforcement office apparently believes that an EU data subject cannot give consent to a...more