Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
A much-anticipated Opinion from the European Data Protection Board (EDPB) on AI models and data protection has not resulted in the clear or definitive guidance that businesses operating in the EU had hoped for. The Opinion...more
On November 5, 2024, the European Data Protection Board (EDPB) issued its first report under the EU-U.S. Data Privacy Framework (DPF) and released a statement on the access to data for law enforcement. Both documents were...more
The EDPB released guidance last month to help companies understand their obligations when using newer tracking tools. These include pixels, URL tracking, IP-tracking, and the like. First, some background: an EU law that...more
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
The European Data Protection Board (EDPB), a board comprised primarily of representatives of the data protection supervisory authorities of the European Union’s member states, issued surprising new guidance in mid-November...more
The “right of access” recognized by art.15 GDPR is one of the most fervently exercised rights by individuals. Nowadays, where companies tend to amass considerable amounts of information and carry out data processing...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
Many organizations around the world – and particularly companies in the United States – are directly affected by the EU Court of Justice’s July 2020 Schrems II decision casting doubt on the lawfulness of transferring personal...more
Concerns are mounting for companies around the world as they consider their ability to transfer data from the EU following the recent decision by the Court of Justice of the European Union in Data Protection Commissioner v....more
Last week saw major innovations in the law of data transfer from the European Economic Area (EEA) to other countries, including the United States. This alert covers one of them: new guidelines from the European Data...more
On November 10, 2020, the European Data Protection Board (“EDPB”) issued highly anticipated guidance intended to clarify how data exporters could legally transfer data to “third countries” under GDPR following the Schrems II...more
The European Data Protection Board (EDPB) has issued its long-awaited practical guidance following the Court of Justice of the European Union’s (CJEU) landmark Schrems II decision....more
As contactless transactions boom, EU regulators publish draft guidelines on the interplay between the GDPR and PSD2. Last year, more than half of all payments in the UK were made by card and contactless methods, while cash...more
In this month's edition, we examine the Swiss data protection authority's comments on the validity of its data-sharing framework with the U.S., as well as the European Data Protection Board's guidance on joint controllers and...more
The Information Commissioner's Office (ICO) has issued a statement confirming that data protection will not stop the need for businesses to share information quickly, or adapt the way they work to face the unprecedented...more
Companies with employees in multiple European locations may well be feeling challenged both in keeping up with public health-driven guidance – and more recently, mandates – relating to the SARS-COV2 risks in the workplace. ...more
The Coronavirus (COVID-19) continues its spread across the globe and—along with the clear public health and economic concerns—is raising numerous questions regarding privacy and data security. Data protection authorities...more
The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more
The European Data Protection Board (EDPB) recently published an updated version of its guidelines on the territorial scope of the GDPR, which were initially issued just over a year ago. The revised Guidelines do not...more
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions - A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
Anonymisation has always been (and still is) a real challenge for those carrying out clinical research. To shed some light on this matter, the Medical Research Council (MCR) – which is part of UK Research and Innovation – has...more
The European Data Protection Board ("EDPB") has published guidelines on the use of the certification mechanism under the GDPR. Certifications are intended to help businesses provide evidence of compliance with the GDPR. The...more
The European Data Protection Board (“EDPB”) recently released Guidelines 3/2018 on the territorial scope of the GDPR (Article 3). ...more