Data Protection

Belgian Data Protection Authority Fines Bank for DPO’s Conflicting Roles

January 31, 2022 By Wim Nauwelaerts and Privacy, Cyber & Data Strategy Team

In a decision of December 16, 2021, the Belgian Data Protection Authority (“DPA”) imposed a EUR 75,000 administrative fine on a bank located in Belgium for failure to comply with the requirement in Article 38.6 of the General Data Protection Regulation (“GDPR”) that the tasks and duties of the Data Protection Officer (“DPO”) must not […]

EDPB Issues Draft Guidelines on Data Subject Access Rights

January 30, 2022 By Paul Greaves, Wim Nauwelaerts and Privacy, Cyber & Data Strategy Team

On January 28, 2022, the European Data Protection Board (“EDPB”) published draft regulatory guidelines (“draft guidance”) on the right of data subjects to have access to their personal data under the EU General Data Protection Regulation (“GDPR”). In the draft guidance, the EDPB explains the aim and components of the right. This analysis is followed […]

Major Overhaul of EU Clinical Trial Rules Kicks In on 31 January 2022

January 28, 2022 By Wim Nauwelaerts

On 31 January 2022, the EU Clinical Trial Regulation (CTR) will come into application, almost 8 years after its adoption by the European Parliament and the Council of the EU. The CTR will radically change the regulatory framework for conducting clinical trials in the EU Member States as well as European Economic Area (EEA) countries […]

EDPB Issues New Guidance for Assessing Personal Data Breaches under the EU GDPR

January 10, 2022 By Paul Greaves and Wim Nauwelaerts

On Monday, 3 January 2022, the European Data Protection Board (“EDPB”) published the finalized version of its regulatory guidance entitled “Examples regarding Personal Data Breach Notification” (the “Guidelines”), following a public consultation on a draft set of guidelines in 2021. The finalized Guidelines are a practice-oriented, and case-based set of examples that leverage the experiences […]

Time to Restore Trust in Data Flows between Countries? Peter Swire Discusses Recent OECD Efforts in Developing Principles for Government Access to Data.

January 4, 2022 By Privacy, Cyber & Data Strategy Team

Alston & Bird Senior Counsel Peter Swire recently published an article in Lawfare titled, “Towards OECD Principles for Government Access to Data.” Peter and his co-authors discuss recent efforts of the Organization for Economic Cooperation and Development (OECD) to formulate common principles regulating governmental access to personal data held by the private sector for national […]