Summary The EDPB has reviewed implementation of the GDPR so far and has declared the first year and a half a success. The EDPB did note areas for improvement, including the impact of implementation on SMEs and issues with cooperation across different jurisdictions. However, notwithstanding these difficulties, the EDPB considers that it would be premature … Read more
Publicly the UK government is pursuing an adequacy decision from Europe regarding data protection and privacy regulations, but recent comments from ‘Number 10’ could be interpreted as saying the UK may be comfortable pursuing a different privacy path to the EU from the end of December 2020. The issue is about more than making changes … Read more
What better day than today, International Data Privacy Day, to explore what 2020 is likely to have in store for data and privacy? Almost two years ago the EU General Data Protection Regulation (GDPR) thrust data and privacy issues firmly in the spotlight, where they remain. With attention having shifted from guidance to enforcement, this article … Read more
Data has been labeled the world’s most valuable resource in our current digital economy. It is the lifeblood of many companies, especially those in the technology, media and telecommunications sector where data is often used to predict, analyse and respond to consumers’ behaviours, patterns and preferences for services and products. Capabilities to collect and analyse … Read more
Almost exactly a year after publishing its draft version, the EDPB has adopted its final guidelines on Article 3 of the GDPR and the extra-territorial scope of the legislation. The adopted guidelines don’t differ substantially from the consultation draft but include a number of clarifications and new examples. Some of the key takeaways are: Article … Read more
The Information Commissioner’s Office in the UK (ICO) has announced an investigation into the use of facial recognition technology following a string of high profile uses. Prior to the results of this investigation, companies using facial recognition technology should: undertake a balancing test to ensure proportionality in the use of such technology, acknowledging its intrusiveness; … Read more
The Court of Justice of the European Union has confirmed in the Planet49 case that a pre-ticked checkbox does not constitute valid consent for ePrivacy purposes. Read more
In our latest report, we informed you about new developments regarding imposed sanctions by Data Protection Authorities (“DPA”) in Germany and Austria and about a model for calculating fines imposed under the General Data Protection Regulation (“GDPR”) proposed by the Conference of the German “Independent Data Protection Supervisory Authorities of the Federal Government and the … Read more
The Privacy and Data Protection Journal has published an article by Duc Tran (Senior Associate) and Laura Adde (Associate) of our Digital TMT, Sourcing & Data and Cyber Security teams. The article examines the concept of “joint controllership” in light of recent case law and existing legislative guidance. Please click here to access the full … Read more
