Alston & Bird Privacy, Cyber & Data Strategy Blog

Data Protection

Council of Europe Launches Model Contractual Clauses for Transfers of Personal Data

By and

On June 16, 2023, the Council of Europe’s Committee of Convention 108+ (i.e., the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data) adopted Model Contractual Clauses for cross-border data flows (“MCCs”). The MCCs are intended to cover the transfers of personal data to countries that are not parties to […]

Joint Regulatory Guidance Aims to Help Companies Transfer Personal Data Across ASEAN and EU Member States

By and

On May 23, 2023, the European Commission together with ASEAN (the Association of Southeast Asian Nations) published guidance that identifies commonalities and differences between the EU Standard Contractual Clauses for international data transfers (“SCCs”), and ASEAN’s Model Contractual Clauses (“MCCs”), to assist companies  with their efforts to comply with data transfer rules in both regions […]

The EU Supervisory Authorities’ Coordinated Enforcement Action in the EU: This Year It’s All About DPOs

By , and

On March 15, 2023, the European Data Protection Board (“EDPB”) – the body through which the EU Member States’ Supervisory Authorities cooperate – along with 26 EU Supervisory Authorities officially launched a “coordinated enforcement action”, focusing on the designation of Data Protection Officers (“DPOs”) under the EU GDPR, and the position that DPOs hold in […]

New NAIC Consumer Privacy Model Law Proposed for Insurers

By , and

The National Association of Insurance Commissioners (NAIC) Privacy Protections Working Group (the “Working Group”) released Insurance Consumer Privacy Protection Model Law #674 (“Model 674”) for comment on February 1, 2023. Model 674 is intended to modernize and replace the Insurance Information and Privacy Protection Model Act #670 (“Model 670”) and the Privacy of Consumer Financial […]

CPPA Anticipates April Effective Date for CPRA Regulations

By

The California Privacy Protection Agency (“CPPA”) announced during its Board meeting on December 16, 2022 that the regulations implementing the California Privacy Rights Act (“CPRA”) will not likely go into effect until April 2023. CPPA Executive Direct Ashkan Soltani stated that the CPPA Staff plans to publish the final draft of the CPRA regulations in […]