09/06/21 – At the end of last week, and more than three months later than originally expected, the European Commission published final versions of its new standard contractual clauses (SCCs) for the transfer of personal data to third countries (New EU SCCs). The New EU SCCs replace the standard contractual clauses adopted by the European […]
Read more »26/05/21 – The UK Jurisdiction Taskforce (UKJT) received extensive and overwhelmingly positive publicity for the Legal Statement on the Status of Cryptoassets and Smart Contracts that it published in December 2019 – you can read more about the Legal Statement here. On 22nd April 2021 the UKJT published its Digital Dispute Resolution Rules (Rules) which: Give […]
Read more »05/05/21 – If your organisation does not transfer personal data to ‘third countries’, i.e. countries outside the EEA that do not have a UK adequacy finding, then breathe a sigh of relief and feel free to go and do something else. If, however, your organisation does transfer personal data to a ‘third country’ (which for […]
Read more »26/04/21 – The European Commission aims to turn the EU into ‘the global hub for trustworthy Artificial Intelligence (AI)’. With that objective in mind, on 21st April 2021 the Commission published its Proposal for a Regulation on a European approach for Artificial Intelligence. Very interesting, I’m sure. But presumably not relevant to those of us […]
Read more »15/04/21 – If you’ve been following the progress of the UK adequacy decisions (see updates from December 2020 and March 2021), you will know that we have been waiting for the European Data Protection Board’s opinions on the draft UK adequacy decisions. As per the EDPB’s press release yesterday, these opinions have now been adopted. […]
Read more »30/03/21 – As part of the Trade and Cooperation Agreement announced just before Christmas, the EU and the UK agreed a six-month ‘bridging period’ allowing transfers of personal data from the EEA to the UK to continue freely until 30th June 2021 – more detail here. Half-way through the bridging period is probably a good […]
Read more »12/03/21 – In accordance with the Copyright, Designs and Patents Act 1988 where any work “is made by an employee in the course of his employment, his employer is the first owner of any copyright in the work, subject to any agreement to the contrary”.
Read more »In July 2020 the European Court of Justice in its ‘Schrems II’ judgment invalidated the EU-U.S. Privacy Shield. In their judgement the ECJ, whilst upholding Standard Contractual Clauses (SCCs) as a transfer tool, made it clear that data exporters (i.e. organisations within the EEA which transfer personal data to countries outside the EEA) must “verify, prior […]
Read more »22/02/21 – On 19 February 2021 the European Commission published two adequacy decisions, one for transfers of personal data to the UK under the GDPR and the other under the Law Enforcement Directive. Although perhaps not surprising, this is still a positive step because it means the Commission has concluded that the UK does ensure […]
Read more »Article 13 of the UK GDPR states that at the time you collect personal data from individuals you must provide them with certain information. The usual way of providing this information is via a privacy notice (also called a ‘privacy policy’ or, in GDPR-speak, a ‘fair processing notice’), which is made available to the individual […]
Read more »