Habemus UK adequacy!

After many debates, lots of speculation, and negotiations, the Adequacy decisions for the United Kingdom have been approved and Personal Data can continue to flow freely from the EEA to the UK after 30 June 2021. In my opinion, it is both right and reasonable that the decisions have been adopted, given that the ...

Would a US federal privacy law re-establish trusted EU-US data flows?

You might be aware that early last month US Congresswoman Suzan DelBene, Representing Washington's 1st District, introduced the Information Transparency and Personal Data Control Act – in her words “legislation that would create a national data privacy standard to protect our most personal information and bring our  laws into the 21st Century.”   Important aspects of the Information Transparency and Personal Data ...

UPDATE (II): “PUBLIC HEALTH AND PRIVACY” AND NOT “PUBLIC HEALTH OR PRIVACY”: A COLLECTION OF GUIDANCE ON COVID-19

In the evolving COVID-19 scenario in which business continuity also depends on adequate data protection and cybersecurity practices on the part of organizations, knowledge mapping of privacy & data protection guidance and cybersecurity best practices has taken on an even more important role. It’s for that very reason that, without the presumption of completeness, I ...

“PUBLIC HEALTH AND PRIVACY” AND NOT “PUBLIC HEALTH OR PRIVACY”: Surveillance in the fight against COVID-19

“Hopefully COVID-19 will be gone at some point, but tracking technologies may stay for longer and permanently hamper the rights and freedoms of individuals” As part of my blog series on #PublicHealthANDprivacy in light of the COVID-19 pandemic, this short reflection will focus on digital surveillance. There is no doubt that data and technology have the ...

Results of the 3rd review of EU-U.S. Privacy Shield are finally here

Today, 23 October 2019, the European Commission published its report on the EU-U.S. Privacy Shield, to which approximately 5,000 companies are participating. The results of the Report are largely positive and confirm that the US ensures an adequate level of protection for the data transferred to it from the EU. Furthermore, in the Report, ...

EU Commission and Parliament take stock on Data Protection in the EU

Today, 25 July 2019, the European Commission and the European Parliament published a Communication outlining the state of data protection in the EU. The document touches on consistent implementation of the GDPR, how the new governance system is working, and the impact that it has had, also in a global level, in terms of citizens ...

Věra Jourová: SCCs to be modernised

In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...

PERSONAL DATA PROTECTION AND THE USE OF INFORMATION TO FIGHT ONLINE-TERRORIST PROPAGANDA, RECRUITMENT, AND RADICALIZATION: Part II

I ended my last blog post by asking, "What information and under which circumstances can and should LEAs remove terrorist propaganda from social media platforms and other websites?  When would such actions fall under the scope of the EU data protection framework?" In this second blog post of my exploration into the matter based on an upcoming ...

Europe and Japan to speak the same privacy language

On 17 July 2018, the EU and Japan announced the conclusion of discussions on reciprocal adequacy of their legal systems, agreeing to create the world's largest area of safe data flows.  You can read the official press release here. The successful conclusion of the EU-Japan data protection-related talks is very good news for everyone. It will ...