The Privacy Shield review and its potential to impact Schrems II

(Nov 5, 2019) Though the headline announcing the European Commission’s report on the third annual review of the EU-U.S. Privacy Shield was banal, several paragraphs within the report were anything but. In its report and accompanying staff working document, the European Commission cited one “clarification” and three court cases with the potential to influence the outcome of the Schrems II case currently pending before the Court of Justice of the European Union. These commission findings relate to the independ... Read More

On the Privacy Shield review's potential to impact 'Schrems II'

(Nov 5, 2019) Last month the European Commission released its report on the third annual review of the EU-U.S. Privacy Shield, and though the news was good for U.S. businesses, the future of data transfers between the two regions remains uncertain. The Court of Justice of the European Union is set to hand down in the coming months its decision to the so-called "Schrems II" case involving the legality of standard contractual clauses. "Though the headline announcing the European Commission’s report on the third... Read More

EDPS announces resolutions adopted during ICDPPC

(Oct 25, 2019) The European Data Protection Supervisor announced several resolutions were adopted at the 41st annual International Conference of Data Protection and Privacy Commissioners in Tirana, Albania. Regulators from the EU, the Asia-Pacific region and Canada adopted resolutions “to address the role of human error in personal data breaches” and “support and facilitate regulatory co-operation between data protection authorities and consumer protection and competition authorities,” as well as others on soc... Read More

ICDPPC calls for increased global cooperation as conference begins

(Oct 23, 2019) The opening session of the 41st annual International Conference for Data Protection and Privacy Commissioners kicked off in Tirana, Albania, Wednesday. Common talking points throughout the event have included the need for convergence and cooperation, not only among global regulatory authorities, but also among industry, government and civil society as dramatic advances in digital technology continue to challenge laws and regulations, business models and democracies around the world. IAPP Editori... Read More

Dispatch from Albania: ICDPPC calls for increased global cooperation

(Oct 23, 2019) The opening session of the 41st annual International Conference for Data Protection and Privacy Commissioners kicked off here in Tirana, Albania, Wednesday. Threads woven throughout the event have included the need for convergence and cooperation, not only among global regulatory authorities, but also among industry, government and civil society as dramatic advances in digital technology continue to challenge laws and regulations, business models, and democracies around the world. ICDPPC Presid... Read More

EC releases report on third-annual Privacy Shield review

(Oct 23, 2019) The European Commission published its report of the third-annual review of the EU-U.S. Privacy Shield agreement. The report states improvements have been made since last year’s review, such as the appointment of a Privacy Shield ombudsman and improvement in enforcement actions brought by the U.S. Federal Trade Commission. The European Commission recommends continued improvement to the re-certification process and for guidance to be developed for handling human resource data. "With around 5,000 p... Read More

Dixon: Brexit data issues are 'broad and deep'

(Oct 21, 2019) Irish Data Protection Commissioner Helen Dixon discussed the data issues presented by Brexit in an event hosted by Dublin City University. “The data issues, and in particular, the personal data issues that arise with the [U.K.’s] departure from the EU are non-trivial and they’re both broad and deep,” said Dixon, who added Irish businesses that do not prepare for Brexit run the risk of penalties for noncompliance. Meanwhile, the Irish Independent reports on the Brexit challenges Irish businesses ... Read More

Potential Brexit deal reached; data transfers remain, for now

(Oct 17, 2019) More than three years after the U.K. voted in a referendum to leave the EU, a proposed Brexit deal is on the table just weeks ahead of an Oct. 31 deadline. U.K. Prime Minister Boris Johnson said it is a "great new deal" and that the U.K. Parliament will vote on it this Saturday, Oct. 19. European Commission President Jean-Claude Juncker confirmed a deal had been reached but added, "I am happy about the deal, but I am sad about Brexit."  The draft text of the deal released Thursday includes a s... Read More

Singapore PDPC publishes guidelines for cloud services under PDPA

(Oct 17, 2019) Computer Weekly reports Singapore's Personal Data Protection Commission has released new guidance on how to approach cloud services under the Personal Data Protection Act. The guidelines aim to help both businesses and cloud service providers understand the application of the law with a focus on protections for data transfers across boundaries in a cloud environment. The guidelines explain CSPs are data intermediaries and therefore protected while being subject to data retention limits. Also, or... Read More

New proposed Brexit deal reached, but what about data transfers?

(Oct 17, 2019) More than three years after the U.K. voted in a referendum to leave the EU, a proposed Brexit deal is on the table just weeks ahead of an Oct. 31 deadline. U.K. Prime Minister Boris Johnson said it is a "great new deal" and that the U.K. Parliament will vote on it this Saturday, Oct. 19. The draft text of the deal released Thursday includes a section near the top on data protection, though it is far from certain if the U.K. Parliament will pass the current deal this Saturday. Bird & Bird Par... Read More