On June 28, the European Commission adopted the UK adequacy decision, which will allow personal data to be transferred from the EU to the UK without additional safeguards. In an ideal world, this would indicate that the UK offers an adequate level of protection for personal data, and would signal their willingness to retain those standards. Unfortunately, reality tells a … [Read more...] about Fear and Loathing in the UK Adequacy Decision
GDPR
The Privacy, Data Protection and Cybersecurity Law Review – Edition 7
Privacy, like everything else in 2020, was dominated by the covid-19 pandemic. Employers and governments have been required to consider privacy in adjusting workplace practices to account for who has fever and other symptoms, who has travelled where, who has come into contact with whom and what community members have tested positive or been exposed. As a result of all this need … [Read more...] about The Privacy, Data Protection and Cybersecurity Law Review – Edition 7
Schrems II and Its Impact on the EU-U.S. Privacy Shield
The U.S. Congressional Research Service has examined the impact of Schrems II and published a detailed report that provides an overview of EU law governing international data transfers, including the Schrems II decision; reviews the U.S. surveillance laws relevant to that decision; and concludes by discussing some considerations for Congress. Read CRS Report R46724. … [Read more...] about Schrems II and Its Impact on the EU-U.S. Privacy Shield
Facial recognition: strict regulation is needed to prevent human rights violations
The Council of Europe has issued new guidelines calling for strict rules to avoid the significant risks to privacy and data protection posed by the increasing use of facial recognition technologies. The guidelines also call on governments to ban certain applications of facial recognition altogether to avoid discrimination and human rights violations. … [Read more...] about Facial recognition: strict regulation is needed to prevent human rights violations
Guidelines 01/2021 on Examples regarding Data Breach Notification
The EDPB Guidelines on Examples regarding Data Breach Notification are now available here: https://europa.eu/!wc77KM The guidelines complement the existing WP 29 guidance and provide more practical guidance and recommendations. They are open for public consultation until 02/03/2021 … [Read more...] about Guidelines 01/2021 on Examples regarding Data Breach Notification
Canada’s new Consumer Privacy Protection Act
In a long-awaited move, Navdeep Bains, Canada’s Minister of Innovation, Science and Industry, introduced Bill C-11 — the Consumer Privacy Protection Act. The Minister described the new law as a significant update of PIPEDA, and acknowledged that the last time Canada’s privacy laws were updated was 20 years ago, when PIPEDA was first introduced — before social media and the … [Read more...] about Canada’s new Consumer Privacy Protection Act