European Commission Publishes GDPR Roadmap

On 1 April 2020, almost two years after the General Data Protection Regulation (GDPR) entered into force, the European Commission published a roadmap for evaluating its application. The roadmap specifically asks for feedback on the Commission’s strategy in dealing with the issue of international transfer of personal data to third countries, focussing on existing adequacy … Read more

COVID-19 PEOPLE: DATA PRIVACY ISSUES

In these unprecedented times, COVID-19 has forced organisations to quickly put in to place measures with the aim of ensuring both business continuity and the protection of employees. In many instances, this has involved increased processing of health data, in ways that were not envisaged a short time ago. Organisations across the globe are also … Read more

It’s too soon to change the GDPR says EDPB

Summary The EDPB has reviewed implementation of the GDPR so far and has declared the first year and a half a success. The EDPB did note areas for improvement, including the impact of implementation on SMEs and issues with cooperation across different jurisdictions. However, notwithstanding these difficulties, the EDPB considers that it would be premature … Read more

Could the UK move away from GDPR to help foster innovation?

Publicly the UK government is pursuing an adequacy decision from Europe regarding data protection and privacy regulations, but recent comments from ‘Number 10’ could be interpreted as saying the UK may be comfortable pursuing a different privacy path to the EU from the end of December 2020. The issue is about more than making changes … Read more

International Data Privacy Day: Our predictions for 2020

What better day than today, International Data Privacy Day, to explore what 2020 is likely to have in store for data and privacy? Almost two years ago the EU General Data Protection Regulation (GDPR) thrust data and privacy issues firmly in the spotlight, where they remain. With attention having shifted from guidance to enforcement, this article … Read more

Protecting your company’s critical resource: Is your company PDPA ready?

Data has been labeled the world’s most valuable resource in our current digital economy.  It is the lifeblood of many companies, especially those in the technology, media and telecommunications sector where data is often ­used to predict, analyse and respond to consumers’ behaviours, patterns and preferences for services and products.  Capabilities to collect and analyse … Read more

EDPB Adopts Final Guidelines on GDPR Extra-territoriality

Almost exactly a year after publishing its draft version, the EDPB has adopted its final guidelines on Article 3 of the GDPR and the extra-territorial scope of the legislation. The adopted guidelines don’t differ substantially from the consultation draft but include a number of clarifications and new examples. Some of the key takeaways are: Article … Read more

Facial Recognition Technology and Data Protection Law: the ICO’s view

The Information Commissioner’s Office in the UK (ICO) has announced an investigation into the use of facial recognition technology following a string of high profile uses. Prior to the results of this investigation, companies using facial recognition technology should: undertake a balancing test to ensure proportionality in the use of such technology, acknowledging its intrusiveness; … Read more