TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress: gatekeeper obligations, US adequacy decision, Google litigation, UK data protection reform, Quebec privacy laws Gatekeeper in the EU: The European Commission has designated, for the first time, six gatekeepers – Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft – under the […]
Tag: EU-US data transfer
Data protection digest 3 – 16 July 2023: can the new EU-US data privacy framework respect the GDPR to the letter?
TechGDPR’s review of international data-related stories from press and analytical reports. EU-US Data Privacy Framework Effective Immediately: On 10 July, the European Commission’s decision on the adequacy of the level of data protection in the US within the new data privacy framework entered into force. If an American-based business is on the approved list, you […]
EU-US Data Privacy Framework Adopted
This afternoon, the European Commission has adopted an adequacy decision for the EU-US Data Privacy Framework. This decision finds that the United States provides an equivalent level of data protection to that of the European Union, enabling the safe and unrestricted flow of personal data from the EU to U.S. companies under the new framework. EU […]
Data protection & privacy digest 3 – 16 May 2023: data processing roles and obligations elaborated by EU top court
TechGDPR’s review of international data-related stories from press and analytical reports. Legal redress Pseudonymised (non-personal) data processing: In the instance of SRB v. EDPS, the European General Court ruled that pseudonymised data communicated by one party with another would not be regarded as personal data in the recipient’s hands if that party lacks a legal […]
Data protection & privacy digest 3 – 17 Apr 2023: US data transfers and AI tools occupy EU
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress US data transfers: A full parliamentary vote on the upcoming EU-US Data Privacy Framework is planned in the coming weeks. So far, a resolution adopted by Civil Liberties Committee MEPs argues that the European Commission should not grant the US […]
Data protection & privacy digest 4 – 17 March 2023: position of DPOs, user behavior analysis, creditworthiness and profiling
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress DPOs enforcement action: The EDPB launches coordinated enforcement action on the designation and position of data protection officers. DPOs across the EU will be sent questionnaires, with the possibility of further formal investigations and follow-ups. According to the Portuguese data […]
Data protection & privacy digest 18 Feb – 3 Mar 2023: practical application of the EU-US Data Privacy Framework remains a concern
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: EU-US data privacy framework, China’s outbound data rules, international transfer risk assessment, Australian small business to adopt data protection The EDPB sees improvements under the EU-US Data Privacy Framework, but many more concerns remain. The improvements include the introduction of requirements embodying […]
Data protection & privacy digest 16 Dec – 2 Jan 2023: US signals intelligence redress mechanism, “dormant” privacy risk assessment, data brokerage
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress: US signals intelligence redress mechanism, Google search results removal, California consumer privacy rights, Australia Privacy Act review The US Office of the Director of National Intelligence, (ODNI), published a directive for implementing the signals intelligence redress mechanism created under the […]
Data protection & privacy digest 1 – 15 December 2022: draft US adequacy decision, Microsoft ‘data boundary’ for the EU, Age-appropriate design code
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: draft US adequacy decision, EDPB’s binding decisions, draft AI Act The EU issued a draft adequacy decision for the United States, saying US safeguards against America’s intelligence activities were strong enough to address EU concerns on data transfers. Previously, personal data could […]
Data protection & privacy digest 9 – 30 November 2022: Microsoft 365 non-compliance, Meta “data scraping” fine, Amazon Prime class action
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: Microsoft Office 365 cloud services, privacy complaints, lead supervisory authority, NIS2 Directive, Australia data breach penalties The German Data Protection Conference negatively assessed the data processing agreements for Microsoft 365 cloud services, regarding the requirements of Art. 28 of the GDPR. The […]