Using the new EU standard clauses to enable cross-border data export

From 27 June 2021, organisations will be able to adopt new ‘standard contractual clauses’ (SCCs) to permit lawful export of personal data from the EU to ‘third countries’. This post: recommends what companies should do now describes the background to the EU’s data export rules explains how the new SCCs differ from prior versions considers …

Read more

New UK foreign investment law to impact telecoms, digital and data transactions

Summary By the end of 2021, many corporate transactions in the communications, data infrastructure, artificial intelligence, satellite and space technologies sectors (and some others) will be subject to mandatory notification to, and national security review by, the UK government. Implementation timetable The National Security and Investment Act 2021 (“Act“) became part of UK law on …

Read more

EU and UK set out digital plans for coming decade

The European Commission has proposed a ‘digital compass’ to set its course for a digitally empowered Europe by 2030. The UK’s Department for Culture Media and Sport (DCMS) has also set out its top ten priorities for a technology driven future to ‘build back better’ following the Covid19 pandemic. European Digital Compass At a press …

Read more

UK proposes statutory backing for Huawei 5G ban

On 24 November 2020, the UK Government started the legislative process for a new Telecoms (Security) law which will, when passed into law, provide statutory backing for their already announced policy objective to exclude Huawei (and potentially other ‘high risk vendors’) from the UK’s 5G (and other) networks on the grounds on national security. This …

Read more

Data export: EU provides more clarity after Schrems II

In documents published last week, the EU provided some welcome clarity on how organisations should address the invalidation of Privacy Shield as a basis for exporting personal data from the EU. On 10 November 2020, the European Data Protection Board (EDPB) adopted recommendations on ‘supplemental measures’, which can be considered to ensure compliance with the …

Read more

EDPB guidance on ‘supplemental measures’ for data export

On 10 November, the European Data Protection Board adopted a recommendation on supplemental measures which might be used to ensure compliance with the EU level of protection of personal data when exported to third countries with an insufficient level of protection. The recommendation both sets out a process to be followed by data exporters and, …

Read more

Prospect of increased regulation in UK for digital giants

The Competition and Markets Authority, the UK Competition regulator, has said it will act against Facebook and Google if the government doesn’t set up a digital regulator within a year. According to the Financial Times, Andrea Coscelli, chief executive of the CMA, said: ‘Plan A is to have a regulatory framework. If [within a year] …

Read more

European Data Protection Board releases updated controller / processor guidance for comment

Are you sure you are a data processor? Introduction On 7 September 2020, the European Data Protection Board (EDPB), successor to the ‘article 29 working party’, released updated guidance on the concepts of ‘data controller’ and ‘data processor’ under European Privacy law (i.e. General Data Protection Regulation or GDPR). Whilst this has already been subject …

Read more

UK Intellectual Property Office seeks views on Artificial Intelligence and Intellectual Property

On 7 September 2020, the UK’s Intellectual Property Office (IPO) published a call for views on the impact of Artificial Intelligence (AI) on the UK’s Intellectual Property (IP) laws. Responses are due by 30 November. The consultation takes place against the backdrop of worldwide interest in AI and the law by governments and regulators. The …

Read more