Alston & Bird Privacy, Cyber & Data Strategy Blog

Yung Shin Van Der Sype

Avatar photo

About Yung Shin Van Der Sype

Yung Shin is an associate with Alston & Bird’s Technology & Privacy Group and Privacy, Cyber & Data Strategy Team. She focuses her practice on IT law and HR-related matters, including privacy and data protection, IT contracts, and corporate security.

EDPB Issues Draft Guidelines on the Calculation of Administrative Fines

By and

On May 16, 2022, the European Data Protection Board (‘EDPB’) published draft regulatory guidelines (‘draft guidance’) on the calculation of administrative fines for infringements of the EU General Data Protection Regulation (‘GDPR’). In the draft guidance, the EDPB sets out its methodology, consisting of five steps, for calculating administrative fines. The EDPB adopted these guidelines […]

Italian Supervisory Authority imposes 20 million EUR fine on controller outside of Europe

By and

The Italian Garante per la Protezione dei dati Personali (‘Italian SA’) published a decision of February 10, 2022 in which it imposes a 20 million EUR fine on a company outside of Europe for violation of the EU General Data Protection Regulation (‘GDPR’). Clearview AI is a U.S.-based company that provides search engine services involving […]

Belgian Data Protection Authority Fines Bank for DPO’s Conflicting Roles

By and

In a decision of December 16, 2021, the Belgian Data Protection Authority (“DPA”) imposed a EUR 75,000 administrative fine on a bank located in Belgium for failure to comply with the requirement in Article 38.6 of the General Data Protection Regulation (“GDPR”) that the tasks and duties of the Data Protection Officer (“DPO”) must not […]

EDPB Issues Draft Guidelines on Data Subject Access Rights

By , and

On January 28, 2022, the European Data Protection Board (“EDPB”) published draft regulatory guidelines (“draft guidance”) on the right of data subjects to have access to their personal data under the EU General Data Protection Regulation (“GDPR”). In the draft guidance, the EDPB explains the aim and components of the right. This analysis is followed […]

EDPB issues draft guidelines on the interplay between the GDPR’s provisions on territorial scope and international data transfers

By and

On November 18, the European Data Protection Board (“EDPB”) released draft guidelines on the interplay between Article 3 GDPR – which sets out the GDPR’s territorial scope – and the provisions in Chapter V of the GDPR, which impose restrictions on international data transfers.  In this draft guidance, the EDPB clarifies which (cumulative) criteria must […]