Following its seventh plenary session, the European Data Protection Board has approved an "administrative arrangement" that was created by the European Securities and Markets Authority and International Organization of Securities Commissions to exchange market abuse data without violating Article 46(3)(b) of the EU General Data Protection Regulation. The arrangement will be submitted to relevant supervisory authorities for authorization at the national level. The EDPB also adopted two "information notes" on data transfers under the GDPR and binding corporate rules for companies that have the U.K. Information Commissioner's Office as a lead supervisory authority in the event of a no-deal Brexit. Separately, the EDPB adopted guidelines of codes of conduct to provide guidance on the application of Articles 40 and 41 of the GDPR.
If you want to comment on this post, you need to login.