The European Union (EU)’s government organizations are just like any another entity trying to function in a world where global companies and even government entities are reliant on digital platforms for messaging and...more
The European Data Protection Board (EDPB) during its 90th plenary session, on 14 February 2024, amongst other things: - adopted an opinion (the Opinion) on the notion of a controller’s main establishment, including...more
This regular alert covers key regulatory developments related to EU emergency responses, including in particular, to COVID-19, Russia’s war of aggression on against Ukraine, and cyber threats. It does not purport to provide...more
On 18 June 2021, the European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) issued a joint opinion on the European Union’s proposed AI Regulation, which was announced earlier this year....more
ANTITRUST AND COMPETITION - The European Commission Opens a New Investigation in the Pharma Sector - On 4 March 2021, the European Commission (Commission) has opened a formal investigation into alleged misuses of patent...more
On 10 February 2021, the European Data Protection Supervisor (EDPS) published its opinions on the European Commission’s proposals for a Digital Services Act and a Digital Markets Act. The EDPS welcomes both legislative...more
When a controller engages a processor, the GDPR requires that the parties enter into a specific contract that contains certain mandatory provisions. This contract is often referred to as a ‘data processing agreement’ or...more
On 15 January, 2021, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) adopted a joint opinion (“Joint Opinion”) on the draft new sets of Standard Contractual Clauses (“New...more
Last week, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) published a joint opinion on the European Commission’s (“EC”) proposed new set of Standard Contractual Clauses for...more
italiano: La gestione gel flusso trasfrontaliero dei dati dopo la sentenza Schrems II By: Ivan Rotunno, Giulia Rivarola di Roccella, and Martina Acquaro Following the decision of the European Court of Justice of the European...more
The European Court of Justice’s ruling in Schrems II, invalidating the EU-U.S. Privacy Shield framework as a means of transmitting personal data from the EU to the U.S., has drawn swift reaction from data protection...more
The European Data Protection Supervisor weighs the impact of the COVID-19 on future data protection strategy and fundamental rights. “Covid-19 is a game changer. Thinking about the EDPS’ strategy for the next five years, we...more
The European Data Protection Board and the European Data Protection Supervisor recently issued a joint opinion on the processing of personal data and the role of the European Commission within the eHealth Digital Health...more
After its first draft of February 29, 2016, the European Commission adopted the EU-U.S. Privacy Shield adequacy decision on July 12, 2016. The first draft was adopted after the cancellation of the Safe Harbor by the Court of...more
The push for the European Union and the United States to reopen negotiations over the EU-U.S. Privacy Shield may have just become a shove, due to a recent opinion released by the European Data Protection Supervisor (EDPS)...more
Last week has seen two important developments in relation to the EU-U.S. Privacy Shield (“Privacy Shield”) for transfers of personal information from Europe to the United States. A draft adequacy decision and related...more
The EU Passenger Name Record (PNR) Directive has had a turbulent ride: it was first proposed in 2011, rejected in 2013 by the Civil Liberties Committee and discussions suspended a year later. It was then revived in the...more