Category: Extra-territoriality

Brexit and its impact on international transfers of personal data

February 4, 2019

Miriam Everett, Head of the Data Protection and Privacy group at Herbert Smith Freehills, has been working with the LexisNexis Data Protection Intelligence Group to publish a paper on Brexit and international personal data transfers: Practical approaches for the private sector… Read more

Japan Adequacy Decision Adopted by the EU Commission

January 28, 2019

On 23 January 2019, the EU Commission adopted a decision confirming the adequacy of Japanese data protection laws for the purpose of transferring personal data from the EU to Japan in compliance with the international data transfer restrictions set out… Read more

UK Government note clarifies “no deal” and data protection

January 4, 2019

The UK Government has published a "no deal" note to clarify how data protection law will work in the event that the UK leaves the EU without a deal. The note confirms that separate draft regulations and more detailed guidance… Read more

EDPB finally issues draft guidelines on GDPR extra-territoriality

November 26, 2018

On 23 November 2018, the European Data Protection Board (the "EDPB") published its draft guidelines on Article 3 of the GDPR, being the provision that sets out the territorial scope of Europe's data protection legislation. The guidelines are only in… Read more

General Data Protection Regulation: first enforcement notice shows extra-territorial reach

October 26, 2018

The UK data protection regulator, the Information Commissioner’s Office (ICO), has issued its first enforcement notice under the EU’s new strict data protection law, the General Data Protection Regulation (679/2016/EU) (GDPR). The notice is particularly noteworthy because it has been… Read more

Data protection if there’s no Brexit deal

September 25, 2018

On 13 September 2018, the UK Government published a series of technical notes setting out the implications in various sectors and areas of a 'no deal' scenario (i.e. a scenario in which the UK leaves the EU without an agreement),… Read more

New reciprocal adequacy decision allows free flow of personal data between Japan and the EEA

July 24, 2018

On 17 July 2018, the EU Commission (“Commission”) and Japan concluded the negotiations on a reciprocal finding of an adequate level of data protection by both sides. Under the General Data Protection Regulation (“GDPR”) which became effective across Europe on… Read more

Compliant or not: the GDPR is here

July 7, 2018

The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also extends its reach beyond European borders and applies not just to companies within the EEA but… Read more

Extending the long arm of the law – Extra-territoriality and the GDPR

March 7, 2018

We are living in an increasingly inter-connected digital society where the services of many organisations are global in nature, and yet internet activities are still being tackled by national laws and regulations. The online world does not respect physical or… Read more

UK Government Position Paper on International Transfers of Data – Key Points

August 30, 2017

The post below was first published on our Employment blog Last week the UK Government released its negotiating position paper on international transfers of personal data within the EEA (The Exchange and Protection of Personal Data). Once the UK leaves… Read more

EU-US Privacy Shield first annual review announced following a challenging introduction

June 17, 2017

On 12 July 2016, the European Commission adopted an “adequacy decision” allowing for the transatlantic transfer of personal data from the EU to the US in accordance with the framework and principles of the EU-US Privacy Shield (the "Privacy Shield").… Read more

View more posts

Data notes

Filters