South Korea hopeful on GDPR transfer exception

The South Korea-EU summit on 30 June is expected to discuss South Korea’s exemption from paying GDPR transfer fines. The exception would allow its businesses located within the EU to transfer data to South Korea without penalties. After failing to get the agreement in 2016 and 2018, South Korea has taken a number of steps […]

EDPB brings out register listing decisions

The European Data Protection Board (EDPB) has published a new register containing decisions taken by national supervisory authorities (SAs) under the One-Stop-Shop (OSS) cooperation procedure within GDPR. The European Union’s General Data Protection Regulation (GDPR) requires supervisory authorities to cooperate on cases with a cross-border component to ensure consistent application of GDPR. Up until early […]

French Health Data Hub must work with DPA, says government

France’s Council of State has ordered the Health Data Hub to share information on its pseudonymisation procedures with the country’s data protection agency CNIL. That will allow the authority to verify if the measures ensure sufficient protection of the data to prevent, as far as possible, identification of individual people, the council said. In April […]

Post-Brexit UK adequacy decision at risk due to data-sharing agreement with US

The EU’s data protection watchdog has said that the UK-US agreement entered into in 2019 could undermine the UK’s chances of receiving an adequacy decision The European Data Protection Board wrote to the European Parliament on 15 June 2020 outlining their concerns that the UK-US agreement to facilitate access to electronic evidence in criminal investigations […]

Norway drop contact-tracing app after Amnesty privacy investigation

Norway has abandoned plans to introduce a contact-tracing app to combat coronavirus after Amnesty investigation revealed its live-tracking capabilities Amnesty International’s investigation into COVID-19 contact tracing apps across Europe, Middle East, and North Africa showed that Bahrain’s ‘BeAware Bahrain’, Norway’s ‘Smittestopp’ and Kuwait’s ‘Shlonik’ present the biggest threats to privacy due to their live-tracking capabilities. […]

Does the GDPR not apply during the COVID-19 state of emergency?

In the last few months, we have seen organisations across Europe imposing various obligations on their employees, visitors and customers to fight against the spread of the COVID-19 virus. The underlying measures started with the completion of questionnaires on health conditions and have progressed to requiring temperature checks of people entering premises and installing thermal […]

Desired GDPR impact requires more collaboration

For over two years, GPDR has provided a global framework for how data protection can be accomplished, but it’s not without its challenges. These challenges are rooted in both expectation and within the legislative process itself. From the effective date for GDPR, we’ve seen inconsistency in how the directive has been applied, despite a desire […]