EU Data Protection

EDPB Issues Draft Guidelines on the Calculation of Administrative Fines

May 19, 2022 By Yung Shin Van Der Sype and Paul Greaves

On May 16, 2022, the European Data Protection Board (‘EDPB’) published draft regulatory guidelines (‘draft guidance’) on the calculation of administrative fines for infringements of the EU General Data Protection Regulation (‘GDPR’). In the draft guidance, the EDPB sets out its methodology, consisting of five steps, for calculating administrative fines. The EDPB adopted these guidelines […]

EU and U.S. Reach Agreement In Principle on a Replacement for the EU-U.S. Privacy Shield

March 25, 2022 By Paul Greaves and Wim Nauwelaerts

On March 25, 2022, the European Commission and the United States announced that they have reached an “agreement in principle” on a replacement for the EU-U.S. Privacy Shield, which was invalidated by the Court of Justice of the European Union in 2020. The new framework will be designed to allow personal data to flow freely […]

Major Overhaul of EU Clinical Trial Rules Kicks In on 31 January 2022

January 28, 2022 By Wim Nauwelaerts

On 31 January 2022, the EU Clinical Trial Regulation (CTR) will come into application, almost 8 years after its adoption by the European Parliament and the Council of the EU. The CTR will radically change the regulatory framework for conducting clinical trials in the EU Member States as well as European Economic Area (EEA) countries […]

EDPB Issues New Guidance for Assessing Personal Data Breaches under the EU GDPR

January 10, 2022 By Paul Greaves and Wim Nauwelaerts

On Monday, 3 January 2022, the European Data Protection Board (“EDPB”) published the finalized version of its regulatory guidance entitled “Examples regarding Personal Data Breach Notification” (the “Guidelines”), following a public consultation on a draft set of guidelines in 2021. The finalized Guidelines are a practice-oriented, and case-based set of examples that leverage the experiences […]

EDPB issues draft guidelines on the interplay between the GDPR’s provisions on territorial scope and international data transfers

November 22, 2021 By Yung Shin Van Der Sype and Wim Nauwelaerts

On November 18, the European Data Protection Board (“EDPB”) released draft guidelines on the interplay between Article 3 GDPR – which sets out the GDPR’s territorial scope – and the provisions in Chapter V of the GDPR, which impose restrictions on international data transfers. In this draft guidance, the EDPB clarifies which (cumulative) criteria must […]