We know there's lots of privacy news, guidance and documentation to keep up with every day. And we also know you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but throw in a seemingly never-ending pandemic and sometimes, that's even too much. To help, we compiled a list of The Privacy Advisor's most-read privacy articles in 2021. Not surprisingly, transborder data flow, Privacy Shield and the EU's ePrivacy Regulation were some of our most read topics. 

10. “The ‘privacy soup’ of COVID-19 vaccine mandates”

Just as restaurants, offices seemed to be on a path to some sort of normalcy, the COVID-19 delta and omicron variants led to a rise in coronavirus cases around the country and forced employers to take a stronger stance toward pandemic recovery. IAPP Staff Writer Jennifer Bryant looked at the privacy conversations around employer-mandated vaccines in the U.S, what employers need to know and a recently launched study of vaccine-credentialing systems.

9. “European Commission releases draft UK adequacy decisions”

In February, the European Commission released two draft decisions on the U.K.’s adequacy status. One fell under the EU General Data Protection Regulation and the other covered the Law Enforcement Directive. IAPP Editorial Director Jedidiah Bracy, CIPP, reported on the decisions, reaction from around the industry and the next steps in the process.

8. “California attorney general offers CCPA enforcement update, launches reporting tool”

In July, California Attorney General Rob Bonta announced preliminary updates on the California Consumer Privacy Act enforcement related to the right to cure and rolled out the Consumer Privacy Tool. IAPP Staff Writer Joe Duball reported on the announcements and industry reaction.

7. “EDPB’s data transfer recommendations adopt a risk-based approach with teeth”

On June 21, the European Data Protection Board issued its highly anticipated final recommendations on supplementary measures for data transfers. The recommendations outlined a process organizations can follow to transfer personal data outside the European Economic Area to ensure compliance with the "Schrems II" judgment. Covington & Burling's Jetty Tielemans, Dan Cooper and Gabe Maldoff offered an analysis of the EDPB’s recommendations on supplementary measures for data transfers.

6. “Industry gauges future of Privacy Shield replacement”

As privacy professionals continue to wait for news on a replacement EU-U.S. Privacy Shield agreement after it was struck down by the Court of the Justice of the European Union in its “Schrems II” ruling in 2020. IAPP Staff Writers Jenn Bryant and Joe Duball, along with former IAPP Staff Writer Ryan Chiavetta, CIPP/US, reported on a series of virtual events in which privacy professionals shared their thoughts on what a potential Privacy Shield replacement might look like.

5. “Next-gen privacy: Examining the EU’s ePrivacy Regulation”

The proposed ePrivacy Regulation may soon replace the ePrivacy Directive, which is nearing its 20th year in existence after having entered into force in 2002. IAPP Senior Westin Research Fellow Müge Fazlioglu, CIPP/E, CIPP/US, took a deep dive into the ePrivacy Regulation, including its evolution, scope and how it handles consent and cookies.

4. “EU Council ambassadors agree to negotiating position on ePrivacy Regulation”

Ambassadors from the Council of the European Union agreed on a negotiating mandate for the draft ePrivacy Regulation. The move, led by the Portuguese Presidency in the Council, allows negotiations with the European Parliament to move forward, as part of the "trilogue" process. IAPP Editorial Director Jedidiah Bracy, CIPP, reported on the details of the new draft, and reaction from industry professionals on the future of the ePrivacy Regulation.

3. “Infographic — Recent EU Data Initiatives in Context”

The IAPP published this infographic that puts recent data initiatives in the European Union in context. From the EU General Data Protection Regulation to the recently proposed Digital Services Act and Digital Markets Act, the infographic highlights important details of these initiatives and where the most recent proposals stand.

2. “Virginia Consumer Data Protection Act on the horizon — Now what?”

In February, the Virginia Senate voted unanimously, 39-0, to approve Senate Bill 1392 one week after the House of Delegates approved its companion bill, House Bill 2307. IAPP Staff Writer Joe Duball had the details on Virginia’s Consumer Data Protection Act legislative path and early industry reaction before it was signed into law March 2, 2021.

1. “The updated standard contractual clauses — A new hope?”

With the release of the European Commission's updated standard contractual clauses in June, privacy professionals can finally start updating some of their data transfer processes. There's lots to sift through, but Fieldfisher's Phil Lee, CIPP/E, CIPM, FIP, analyzed significant and notable aspects of the updated SCCs. 

Photo by Timo Müller on Unsplash