GDPR

EU’s Highest Court Issues Major AI Decision With Wide-Reaching Impact

December 19, 2023 By Daniel Felz, Wim Nauwelaerts and Alice Portnoy

On 7 December 2023, the Court of Justice of the European Union (CJEU) issued an important decision on how the GDPR governs AI-assisted decisions. The case arose in the financial services context, with the court holding that the GDPR’s AI rules apply when banks use credit scores to make consumer credit decisions. But, the decision […]

Filed Under: Artificial Intelligence, Data Protection, GDPR, Germany

International Data Transfers: European Commission Gives Green Light to EU-U.S. Data Privacy Framework

July 12, 2023 By Wim Nauwelaerts, Alice Portnoy and Paul Greaves

What Happened? On July 10, 2023, the European Commission (‘EC’) adopted its long-awaited adequacy decision approving the EU-U.S. Data Privacy Framework (‘DPF’). By doing so, the EC is confirming that personal data transferred to the U.S. under the DPF is adequately protected in line with the EU GDPR’s international data transfer rules. Transfers of personal […]

Filed Under: GDPR, Government Access to Data

Joint Regulatory Guidance Aims to Help Companies Transfer Personal Data Across ASEAN and EU Member States

May 31, 2023 By Alice Portnoy and Wim Nauwelaerts

On May 23, 2023, the European Commission together with ASEAN (the Association of Southeast Asian Nations) published guidance that identifies commonalities and differences between the EU Standard Contractual Clauses for international data transfers (“SCCs”), and ASEAN’s Model Contractual Clauses (“MCCs”), to assist companies with their efforts to comply with data transfer rules in both regions […]

Filed Under: Data Protection, GDPR, International, Standard Contractual Clauses

EU Supervisory Authorities Clarify Breach Notification Requirements

April 17, 2023 By Wim Nauwelaerts

Background On April 4th, 2023, the European Data Protection Board (‘EDPB’), which is composed of representatives of the EU national supervisory authorities and the European Data Protection Supervisor (‘EDPS’), published an updated version of the Working Party 29 Guidelines on personal data breach notification under the EU General Data Protection Regulation (‘GDPR’). The EDPB had […]

Filed Under: Data Breach, EDPB, GDPR Tagged With: European Union (EU)

The EU Supervisory Authorities’ Coordinated Enforcement Action in the EU: This Year It’s All About DPOs

March 17, 2023 By Wim Nauwelaerts, Paul Greaves and Alice Portnoy

On March 15, 2023, the European Data Protection Board (“EDPB”) – the body through which the EU Member States’ Supervisory Authorities cooperate – along with 26 EU Supervisory Authorities officially launched a “coordinated enforcement action”, focusing on the designation of Data Protection Officers (“DPOs”) under the EU GDPR, and the position that DPOs hold in […]

Filed Under: Data Protection, EDPB, Enforcement, GDPR, Privacy

« Go to Previous Page
Page 1
Page 2
Page 3
Page 4
Interim pages omitted …
Page 20
Go to Next Page »