UK data protection, GDPR, DPIAs, international transfers, data protection for AI-enabled products
This article was published in November 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. The European Data Protection Board’s recommendations of 10 November 2020 set out a six‑step method for assessing whether personal data can be transferred outside…
This article was published in November 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. On 10 November, the European Data Protection Board adopted a recommendation on supplemental measures which might be used to ensure compliance with the EU level of…
This article was published in September 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. The European Data Protection Board’s updated guidance of 7 September 2020 refined the tests for distinguishing controllers from processors under GDPR Articles 4, 24,…
This article was published in August 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. The EU Commission and US Department of Commerce announced on 10 August 2020 that they had started talks on a successor to the invalidated…
This article was published in July 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. After Schrems II, exporters of personal data from the EU to the US and other third countries must rely on an alternative Article 46…
Schrems II disrupts data export from EU: on 16 July 2020, the European Court of Justice decided, overturning the 2016 Privacy Shield Decision of the European Commission, that the US Privacy Shield did not, and does not, provide an adequate level of protection for the transfer of personal data from the EU to the US.
To all my readers, thank you and goodbye. This blog is now an ex-blog.
This article was published in July 2016 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. On 7 July 2016, the UK’s Financial Conduct Authority (FCA) issued finalised guidance for authorised UK financial institutions use of cloud services. In a marked contrast to some other…
This article was published in July 2016 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. On 6 July 2016, the European Union (which for now includes the UK) adopted the Network and Information Security (or NIS) Directive. This imposes obligations on…
This article was published in July 2016 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. The UK Government today published its first draft of the Digital Economy Bill. As expected, it contains provisions addressing (text taken from Government explanatory fact sheet):
This article was published in May 2015 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Singapore’s Personal Data Protection Commission (PDPC) has been busy. It has just published a number of new resources to help businesses comply with the Personal Data…
This article was published in September 2013 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. On September 24, Singapore’s Personal Data Protection Commission published its final advisory guidelines on how the country’s Personal Data Protection Act 2012, which governs the collection,…