On 23 May 2022, the data privacy activist group ‘none of your business’ (noyb) published an open letter on the planned EU-US data transfer deal. ...more
On 6 April 2022, the European Parliament adopted the draft Data Governance Act (the DGA), following trilogue negotiations between EU legislators....more
On 6 April 2022, following the announcement of the political agreement on a new EU-US Trans-Atlantic Data Privacy Framework having been reached between the European Commission and the United States on 25 March 2022, the...more
On 4 March 2022, the European Data Protection Board (EDPB) published a final version of its Guidelines on Codes of Conduct as tools for transfers of personal data to third countries (Guidelines), adopted during the EDPB...more
On 2 February 2022, the Department for Digital, Culture, Media and Sport (DCMS) laid before Parliament the international data transfer agreement (IDTA), the international data transfer addendum to the European Commission’s...more
On 20 January 2022, the European Parliament finalised its position on the draft Digital Services Act (DSA), which was adopted with a broad majority during the plenary session....more
On 2 December 2021, the Court of Justice of the European Union (CJEU) published the Advocate General’s (AG) opinion in case C-319/20 (Facebook Ireland) (the AG Opinion) relating to the issue of whether Member State law may...more
On 19 October 2021, the European Data Protection Board (EDPB) announced that it has published its final guidelines on the restrictions under Article 23 GDPR (Guidelines) following the end of its public consultation and...more
On 1 October 2021, the Council of the European Union (Council) reached agreement about the text of the proposed European Commission Data Governance Act (DGA) and issued a mandate to the EU Presidency to start trilogue...more
On 15 July 2021, the European Data Protection Board (the EDPB) issued a press release concerning its first urgent binding decision adopted under Article 66(2) GDPR (the Decision) in response to a request of the Hamburg...more
The European Data Protection Board (EDPB) published its long-awaited final Recommendations on measures that supplement data transfer tools (the Recommendations), following the Schrems II decision of the CJEU (on 18 June...more
On 28 June 2021, just two days before the interim EU-UK data transfer “bridging mechanism” expired under the Trade and Cooperation Agreement, the European Commission (EC) adopted two adequacy decisions for the UK to...more
On 19 May 2021, the European Data Protection Board (EDPB) held its plenary session with a busy agenda. The first outcomes of the plenary have now been published by the EDPB....more
On 21 April 2021, the European Commission published its Proposal for a Regulation on a European approach for Artificial Intelligence (the draft AI Regulation). The press release can be found here. The proposal differs...more
On 14 April 2021, the European Data Protection Board (EDPB) announced the outcomes of its 48th plenary session held on 13 April 2021. ...more
On 10 March 2021, the European Data Protection Board (EDPB) published a press release about its 46th plenary session held on 9 March 2021. We look at some of the highlights below. ...more
The UK has left the European Union (EU), the transition period is over, the UK and EU have agreed a new Trade and Cooperation Agreement (the TCA), so what now for data protection? We look at the key consequences of Brexit for...more
On 10 February 2021, the European Data Protection Supervisor (EDPS) published its opinions on the European Commission’s proposals for a Digital Services Act and a Digital Markets Act. The EDPS welcomes both legislative...more
On 28 January 2021, the European Union Agency for Cybersecurity (ENISA) released a report on data pseudonymisation techniques (the Report)....more
Following months of protracted negotiations and coming four and a half years after the UK voted to leave the EU, 24 December 2020 saw the EU and UK finally agree the shape of their future relationship. While the Trade and...more
On 1 October 2019, the Court of Justice of the European Union (CJEU) issued its long-awaited decision in the case Planet49 (Case C-673/17). The decision clarifies the requirements for valid cookie consent under Directive...more
10/3/2019
/ Consent ,
Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
Virtually all evidence, whether in litigation or arbitration or relating to investigations carried out by regulators or enforcement authorities, will contain some personal data. A year on from the EU General Data Protection...more
The EU General Data Protection Regulation (universally known as GDPR) has become ubiquitous. Less understood is what GDPR means for disputes and contentious regulatory/enforcement matters. Virtually all evidence, whether in...more
On 18 December 2015, the agreed text of the Network and Information Security Directive (the NIS Directive) was released. With cybersecurity firmly established as a key business risk, the introduction of specific laws in this...more
Huge uncertainty has been caused by the recent judgment of the Court of Justice of the European Union (CJEU) on 6 October that the Safe Harbor decision by the European Commission is invalid. Many companies which previously...more