European Data Protection Board Issues Final Schrems II Recommendations
The European Data Protection Board (“EDPB”), adopted on 18 June 2021 its final recommendations describing how controllers and processors transferring personal data outside the European Economic Area (“EEA”) may comply with the Schrems II ruling (“Final Schrems II Recommendations”). The Final Schrems II Recommendations, … Read More
EU Commission Invites Stakeholders Feedback on Draft AI Regulation
On April 26, 2021, the European Commission announced that its draft proposal for the new EU Artificial Intelligence Regulation (“Draft AI Regulation”) is currently indicated to be open for feedback until July 15, 2021.* The Draft AI Regulation was published on April 21. Please refer to our blog … Read More
Developments in Cookie Regulation: French CNIL Declares Intent to Audit Websites for Cookie Compliance
On April 2, 2021 the French Data Protection Authority (the “Commission Nationale de l’Informatique et des Libertés” or “CNIL”) published its intent to start auditing websites for compliance with cookie regulations. This publication comes following a large number of developments and actions taken by the CNIL … Read More
EU Commission Issues Draft AI Regulation
On April 21, 2021, the European Commission (EC) issued its eagerly awaited draft proposal on the EU Artificial Intelligence Regulation (Draft AI Regulation) – the first formal legislative proposal regulating Artificial Intelligence (AI) on a standalone basis. The Draft AI Regulation is accompanied by … Read More
EU Council Agrees on Proposed ePrivacy Regulation
On February 10, 2021, the Council of the European Union (which includes representatives of the European Union (EU) member states, hereinafter Council) reached an agreement on the ePrivacy Regulation proposal that governs the protection of privacy and confidentiality of electronic communications services (ePrivacy Regulation).
The first draft of the ePrivacy … Read More
European Data Protection Board Issues Schrems II Recommendations
Following the Court of Justice of the European Union’s (“CJEU”) decision in Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems on 16 July 2020 (“Schrems II”), the European Data Protection Board, tasked with overseeing compliance with the GDPR (“EDPB”), on 11 November 2020 issued its anticipated … Read More
European Data Protection Supervisor Issues Schrems II Guidelines
Following the Court of Justice of the European Union’s (“CJEU”) decision in Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems on 16 July 2020 (“Schrems II”), the European Data Protection Supervisor, tasked with overseeing compliance with EU data protection laws by the EU institutions (“EUIs” and … Read More
German DSK Issues GDPR Fining Methodology Guidelines
Recently, the Association of German Data Protection Authorities (“Datenschutzkonferenz” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. This Fining Methodology has been issued at the time of a significant increase in GDPR enforcement … Read More