OPEN INNOVATION: DATA ISSUES IN INNOVATION AND COLLABORATIONS

Businesses in every sector are under pressure to innovate to stay ahead of the competition. ‘’Open innovation’’ is a term that has come to describe innovation which extends beyond the traditional Research and Development department of a business and embraces a broader pool of talent and ideas within the whole business and frequently also extends … Read more

Schrems II: Standard Contractual Clauses Are Valid

The Advocate General (“AG“) of the Court of Justice of the European Union (“ECJ“) has recommended that the Standard Contractual Clauses (“SCCs“) should remain a valid mechanism to legitimise the transfer of personal data to third countries. However: Read more

ICO OPENS CONSULTATION ON DATA SUBJECT ACCESS RIGHTS

The ICO (the UK privacy regulator) has published draft guidance on the right of individuals under the GDPR to access their data. Key takeaways include: An acknowledgement that subject access requests can be burdensome, with a requirement to ‘make extensive efforts’ to locate and retrieve information and confirmation that a significant burden does not make … Read more

EDPB Adopts Final Guidelines on GDPR Extra-territoriality

Almost exactly a year after publishing its draft version, the EDPB has adopted its final guidelines on Article 3 of the GDPR and the extra-territorial scope of the legislation. The adopted guidelines don’t differ substantially from the consultation draft but include a number of clarifications and new examples. Some of the key takeaways are: Article … Read more

Facial Recognition Technology and Data Protection Law: the ICO’s view

The Information Commissioner’s Office in the UK (ICO) has announced an investigation into the use of facial recognition technology following a string of high profile uses. Prior to the results of this investigation, companies using facial recognition technology should: undertake a balancing test to ensure proportionality in the use of such technology, acknowledging its intrusiveness; … Read more

The Encryption debate is far from ‘going dark’

Shortly after the release of the communiqué from the most recent ministerial meetings of the ‘Five Countries’ security alliance — Australia, Canada, New Zealand, the UK and the US — at the end of July, we warned that the issue of the use of, and access to, encrypted services and technologies ‘remains front of mind for … Read more

CALCULATION GUIDELINES ON GDPR FINES IN GERMANY

In our latest report, we informed you about new developments regarding imposed sanctions by Data Protection Authorities (“DPA”) in Germany and Austria and about a model for calculating fines imposed under the General Data Protection Regulation (“GDPR”) proposed by the Conference of the German “Independent Data Protection Supervisory Authorities of the Federal Government and the … Read more