Alston & Bird Privacy, Cyber & Data Strategy Blog

Wim Nauwelaerts

The EU Supervisory Authorities’ Coordinated Enforcement Action in the EU: This Year It’s All About DPOs

By , and

On March 15, 2023, the European Data Protection Board (“EDPB”) – the body through which the EU Member States’ Supervisory Authorities cooperate – along with 26 EU Supervisory Authorities officially launched a “coordinated enforcement action”, focusing on the designation of Data Protection Officers (“DPOs”) under the EU GDPR, and the position that DPOs hold in […]

European Commission Takes Significant Step Towards New Solution for Transatlantic Transfers of Personal Data

By and

What Happened? On December 13, 2022, the European Commission (the “Commission”) took a significant step towards the adoption of the EU-U.S. Data Privacy Framework (“DPF”). The DPF is a new framework designed to replace the EU-U.S. Privacy Shield (“Privacy Shield”), which was struck down by Court of Justice of the European Union in the Schrems […]

EU Standard Contractual Clauses (SCCs) Deadline is Looming

By and

Companies relying on the SCCs as a data transfer tool have less than a month to update their existing contracts (if they haven’t done so already).  WHAT HAPPENED? The EU General Data Protection Regulation (GDPR) allows companies that want to transfer personal data protected by the GDPR to third countries outside the EU/EEA to do […]

Belgian Supervisory Authority Sanctions News Media Company for Violating Cookie Rules

By

On May 25th, the Belgian Supervisory Authority (“GBA”) announced that it had imposed a fine of EUR 50,000 on a Belgium-based news media company for using cookies on its websites without complying with applicable cookie law requirements. The GBA decided to sanction the company mainly because although the company had obtained consent from website visitors […]

EU and U.S. Reach Agreement In Principle on a Replacement for the EU-U.S. Privacy Shield

By and

On March 25, 2022, the European Commission and the United States announced that they have reached an “agreement in principle” on a replacement for the EU-U.S. Privacy Shield, which was invalidated by the Court of Justice of the European Union in 2020. The new framework will be designed to allow personal data to flow freely […]