It has become common knowledge that the General Data Protection Regulation (2016/679) (GDPR) heavily restricts transfers of personal data outside of the European Union (EU). In the absence of an adequacy decision by the European Commission, the GDPR allows controllers and processors to transfer personal data to a third country outside of the EU only […]
GDPR
EU’s Highest Court Issues Major AI Decision With Wide-Reaching Impact
On 7 December 2023, the Court of Justice of the European Union (CJEU) issued an important decision on how the GDPR governs AI-assisted decisions. The case arose in the financial services context, with the court holding that the GDPR’s AI rules apply when banks use credit scores to make consumer credit decisions. But the decision […]
International Data Transfers: European Commission Gives Green Light to EU-U.S. Data Privacy Framework
What Happened? On July 10, 2023, the European Commission (‘EC’) adopted its long-awaited adequacy decision approving the EU-U.S. Data Privacy Framework (‘DPF’). By doing so, the EC is confirming that personal data transferred to the U.S. under the DPF is adequately protected in line with the EU GDPR’s international data transfer rules. Transfers of personal […]
Joint Regulatory Guidance Aims to Help Companies Transfer Personal Data Across ASEAN and EU Member States
On May 23, 2023, the European Commission together with ASEAN (the Association of Southeast Asian Nations) published guidance that identifies commonalities and differences between the EU Standard Contractual Clauses for international data transfers (“SCCs”), and ASEAN’s Model Contractual Clauses (“MCCs”), to assist companies with their efforts to comply with data transfer rules in both regions […]
EU Supervisory Authorities Clarify Breach Notification Requirements
Background: On April 4th, 2023, the European Data Protection Board (‘EDPB’), which is composed of representatives of the EU national supervisory authorities and the European Data Protection Supervisor (‘EDPS’), published an updated version of the Working Party 29 Guidelines on personal data breach notification under the EU General Data Protection Regulation (‘GDPR’). The EDPB had […]