Japan Adequacy Decision Adopted by the EU Commission

On 23 January 2019, the EU Commission adopted a decision confirming the adequacy of Japanese data protection laws for the purpose of transferring personal data from the EU to Japan in compliance with the international data transfer restrictions set out in Chapter V of the GDPR. Continue reading

Save the data: EU General Data Protection Regulation to apply from 25 May 2018

The EU General Data Protection Regulation has finally been approved and published in the Official Journal. The countdown to its application date of 25 May 2018 has therefore begun.

The European Commission published its first draft of the EU General Data Protection Regulation (the “GDPR“) in January 2012, a comprehensive reform of current the existing EU regime. In April 2016, after over four years of debate, the final text of the GDPR was formally approved.

The GDPR has now been published in the Official Journal (on 4 May 2016) and will enter into force on the 20th day following that publication (i.e. on 25 May 2016). There is then a two year implementation period, meaning that it will apply from 25 May 2018.

This eBulletin gives an overview of some of the key compliance issues for organisations in relation to the GDPR, including as to data security and sanctions which are not only relevant from a pure data protection compliance perspective, but also in the broader context of data issues and cyber security.#

Continue reading