Data Protection

Brazil’s General Data Protection Law: A Comparison Between Brazil’s Newly Effective Law and the GDPR

September 19, 2020 By Dorian Simmons

Brazil’s General Data Protection Law (the “LGPD”), a law similar to the European Union’s General Data Protection Regulation (the “GDPR”) is now effective. On April 29 of this year, Brazil’s President issued Provisional Measure 959 that, amongst other things, postponed the effective date of the LGPD, which was originally set to be effective August 2020, […]

EDPB Emphasizes Joint Controllership between Social Media Providers and ‘Targeters’ in Draft Guidance

September 10, 2020 By Paul Greaves

On September 7, 2020, the European Data Protection Board (‘EDPB’) published its draft guidelines on targeting of social media users (the ‘Guidelines’). The EDPB is accepting feedback from stakeholders on the Guidelines until October 19, 2020. The Guidelines not only provide guidance on the obligations of social media providers (‘Providers’) under the EU General Data […]

EDPB publishes draft guidelines on the concepts of controller and processor

September 8, 2020 By Yung Shin Van Der Sype and Wim Nauwelaerts

The European Data Protection Board (“EDPB”) has published draft guidelines on the concepts of controller and processor for public consultation. While its predecessor – the Article 29 Working Party – had issued guidance on the concepts of controller/processor (Opinion 1/2010, WP169) back in 2010, many practical concerns have been raised since the entry into force […]

European Parliament Committee Meeting Provides Insight into the Future of EU-US Personal Data Flows

September 7, 2020 By Paul Greaves

On September 3, 2020, The EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (the LIBE Committee), met to discuss the future of future of EU-US personal data flows following the Schrems II decision. In particular, the session was attended by Max Schrems, EU Commissioner for Justice Didier Reynders, and Andrea Jelinek (head of […]

German DPA Publishes Schrems II Transfer Compliance Checklist and Suggested Modifications to SCCs

August 26, 2020 By Daniel Felz and Paul Greaves

On August 24, 2020, the data protection authority of the German state of Baden-Württemberg (the “DPA”) published guidance (the “Guidance”) on international transfers of personal data following the Schrems II judgment (which we have previously covered here). This represents the first comprehensive guidance by a European privacy supervisor indicating how it intends to enforce the […]