GC Collective By Ben Daniels The GC Collective collection offers insight and comment for General Counsels (GCs) and in-house legal teams.
UK data protection reform, reformed? Data Protection and Digital Information (No.2) Bill published By Jade Kowalski It has been a busy week for privacy professionals. The Government has published the second iteration of its proposals to reform the UK General Data Protection Regulation in the form of the Data Protection and Digital Information (No.2) Bill (“DPDI…
ICO Tech Horizons Report – what does it mean for the use of emerging technology? By Jade Kowalski The Information Commissioner’s Office ( ICO ) published its first ‘ Tech Horizons Report’ (the Report ) on 15 December 2022. In this article, we provide a summary of the Report and our thoughts on its implications for organisations involved with…
European Commission publishes draft adequacy decision for the EU-US By Jade Kowalski On 13 December 2022, the European Commission published a draft adequacy decision for the EU-US Data Privacy Framework (the Draft Decision). If approved, EU organisations will have the ability to freely transfer personal data to US organisations who…
ICO International Transfers Guidance Update By Charlotte Halford Last week, on 17 November 2022, the Information Commissioner’s Office (ICO) published an update to its guidance on ‘International transfers’, accompanied by a blog post written by Emma Bate (Director of Legal Services (Regulatory Advice &…
Update: US signs Executive Order establishing a new EU-US Data Privacy Framework By Charlotte Halford On Friday, 7 October 2022, President Joe Biden signed an Executive Order ( EO ), which will enable the implementation of the new EU-US Data Privacy Framework (the Framework ) – a development which has been long-awaited by all organisations that…
Reminder: Use of UK International Data Transfer Agreement or UK Addendum mandatory from today 21 September By Charlotte Halford As of today 21 September 2022, where you are a undertaking an international transfer from the UK where a transfer mechanism is requirement, all new arrangements and any existing arrangements where there is a change in the processing will be required…
DPC Fines Facebook parent Company Meta €17 million for Breaches of GDPR By Charlotte Burke On 15 March 2022, Ireland’s data protection regulator, the Data Protection Commission (“DPC”) announced it would be imposing a fine of €17 million on Meta, Facebook’s parent company, following an inquiry into 12 data breach notifications it received…
Can processors re-use personal data for their own purposes? A view from France. By Jade Kowalski Against a backdrop of stringent data protection law introduced over recent years, we are continuing to witness the emergence of innovative technology solutions which heavily rely on the use of data, and the associated need for the suppliers of these…
The ICO’s Age Appropriate Design Code: is your organisation in scope? By Jade Kowalski On 2 September 2021, the ICO’s Age Appropriate Design Code for Online Services (the “ Code ”) came into force. Elizabeth Denham, the Information Commissioner, explains that its aim is to ensure that online providers create a safe space for children…
UK adequacy, new SCCs and finalised EDPB recommendations - all change for international data transfers By Jade Kowalski It has been a busy few weeks in the world of international data transfers, and we finally seem to be heading towards some certainty after many months in a state of flux. The latest development, announced today (28 June 2021), is confirmation that…