EDPB Gives the Green Light to the Commission’s Draft UK Adequacy Decisions

On 13 April 2021, the European Data Protection Board (EDPB) adopted two Opinions on the draft UK adequacy decisions: (i) Opinion 14/2021 for transfers of personal data under the EU General Data Protection Regulation (EU GDPR); and (ii) Opinion 15/2021 for transfers of personal data under the Law Enforcement Directive (LED).

Read More

EmailShare

Digital Health Passports in Europe: Facilitating a Return to the “New Normal” or an Intrusion of Privacy?

With the roll-out of the COVID-19 vaccine and the start of easing of social distancing measures, the latest initiative being considered at a national as well as an international level is the introduction of so-called “digital health passports” or “immunity passports,” i.e., a tool to record and share the immune status of an individual whether by virtue of a COVID-19 test result or vaccination record – indeed, it is estimated there are currently more than 70 digital health passports and 14 vaccine passport apps in operation globally. However, the privacy concerns (and indeed the broader ethical implications) of introducing such measures, without the implementation of appropriate safeguards are significant and a current topic of intense debate.

Read More

EmailShare

SEC Issues Risk Alert on Observations for Firm Compliance With Suspicious Activity Monitoring and Reporting at Broker-Dealers

On March 29, 2021, the U.S. Securities and Exchange Commission (SEC) Division of Examinations (EXAMS) issued a risk alert to remind broker-dealers of their obligations related to anti-money-laundering (AML) rules and regulations as well as to provide the staff’s observations of compliance items related to those obligations. The risk alert also is designed to assist broker-dealers with reviewing and enhancing their AML programs. The staff noted that mutual funds may benefit from the examination observations.

This is the latest EXAMS announcement of its expansion deeper into AML issues. This expansion further demonstrates that broker-dealers need to be prepared to address questions and concerns from both the SEC and the Financial Industry Regulatory Authority (FINRA) in a coordinated and efficient matter even if these overlap.

Read More

EmailShare

An Agency Is Born: California Appoints Board of Its New California Privacy Protection Agency

On March 17, 2021, California officials announced the appointment of five board members of the California Privacy Protection Agency ( the “CPPA”), the first data protection agency in the United States.  The CPPA, created by the California Privacy Rights Act (“CPRA”) which California voters approved in November 2020, is charged with promulgating the CPRA regulations; enforcing the CCPA and CPRA; and educating consumers about their privacy rights.

Read More

EmailShare

New Guidance on the Revised Swiss Data Protection Act Published by the Swiss Regulator

On 5 March 2021, the Federal Data Protection and Information Commissioner (FDPIC) published a short position paper on the revised Swiss Data Protection Act (revDPA).  The position paper provides guidance for companies that are subject to the revDPA as to how to meet its requirements once it enters into force, which is expected to be in the second half of 2022 after the Federal Administration has completed drafting the associated implementing ordinances.

Read More

EmailShare

EU Council Agrees on Proposed ePrivacy Regulation

On February 10, 2021, the Council of the European Union (which includes representatives of the European Union (EU) member states, hereinafter Council) reached an agreement on the ePrivacy Regulation proposal that governs the protection of privacy and confidentiality of electronic communications services (ePrivacy Regulation).

The first draft of the ePrivacy Regulation was approved by the European Commission in 2017 and has since been under discussion in the Council. The current agreement in the Council comes shortly after Portugal took over the Council presidency (on January 1, 2021) and released a revised draft of the ePrivacy Regulation (on January 5), which was the 14th draft including the original EU Commission proposal. The present agreement is therefore a breakthrough in the negotiation process and allows the Portuguese Council presidency to start negotiations with the European Parliament on the final text.

Read More

EmailShare
1 2 3 96
EmailShare
XSLT Plugin by BMI Calculator