The Single Resolution Board ("SRB") transferred pseudonymized comments from data subjects to Deloitte without informing them. The European Data Protection Supervisor ("EDPS") found a violation of information duties applicable...more
In a decision with significant legal and operational ramifications for organisations of all shapes and sizes, the Court of Justice of the European Union (CJEU) last week confirmed that pseudonymised data will not always and...more
On 4 September, the ECJ handed down a major and eagerly awaited decision on the scope of personal data, accepting the point that pseudonymised data may be anonymised in the hands of a third party. The ECJ’s approach is...more
On October 7, 2022, President Biden signed the Enhancing Safeguards for United States Signals Intelligence Activities Executive Order (Executive Order or EO), which implements the EU-U.S. Data Privacy Framework (EU-U.S. DPF)....more
Arnall Golden Gregory LLP is pleased to provide you with the Compliance News Flash, which includes current news briefs relevant to background screening, immigration and data privacy, for the benefit and interest of our...more
When a controller engages a processor, the GDPR requires that the parties enter into a specific contract that contains certain mandatory provisions. This contract is often referred to as a ‘data processing agreement’ or...more
Keypoint: The European Commission will consider the joint opinion and public comments and decide whether to modify the draft standard contractual clauses...more