EDPB Releases Draft Guidelines On “Relevant And Reasoned Objection”

The EDPB seeks to define when a DPA would have criticism of a draft GDPR decision another DPA would need to heed. The European Data Protection Board (EDPB) has issued a draft of its construction of a key authority in the General Data Protection Regulation (GDPR) designed to guide and coordinate investigations that cross borders … Continue reading EDPB Releases Draft Guidelines On “Relevant And Reasoned Objection”

Five Eyes Again Lean On Tech About Encryption

In the latest demand, the usual suspects are joined by two new nations in urging tech to stop using default encryption and to essentially build backdoors. The Five Eyes (FVEY) intelligence alliance plus two Asian nations have released an “International Statement: End-To-End Encryption and Public Safety,” which represents the latest FVEY salvo in their campaign … Continue reading Five Eyes Again Lean On Tech About Encryption

Commerce White Paper on Schrems II

The U.S. tries to lay out the reasons why data can still be transferred from the EU The Trump Administration has released a crib sheet they are hoping United States (U.S.) multinationals will have success in using to argue to data protection authorities (DPA) in the European Union that their Standard Contractual Clauses (SCC) and … Continue reading Commerce White Paper on Schrems II

Further Reading, Other Developments, and Coming Events (14 September)

Coming Events The Senate Judiciary Committee’s Antitrust, Competition Policy & Consumer Rights Subcommittee will hold a hearing on 15 September titled “Stacking the Tech: Has Google Harmed Competition in Online Advertising?.” In their press release, Chair Mike Lee (R-UT) and Ranking Member Amy Klobuchar (D-MN) asserted:Google is the dominant player in online advertising, a business … Continue reading Further Reading, Other Developments, and Coming Events (14 September)

EDPB Releases Guidance

The EDPB tries to clear up who is and is not a controller or processor and wades into the world of social media and targeting. The European Data Protection Board (EDPB) has released for comment two sets of guidelines for input to elucidate portions of the General Data Protection Regulation (GDPR). In the draft Guidelines … Continue reading EDPB Releases Guidance

EDPB Steps Into Twitter Investigation

The body that consists of and oversees the EU’s DPAs will use its power under the GDPR to resolve  a dispute between agencies over the punishment for Twitter’s data breaches. The European Data Protection Board (EDPB) will soon have the opportunity to use a key power for the first time since its inception in order … Continue reading EDPB Steps Into Twitter Investigation

EDPB Issues FAQs On Privacy Shield Decision

While the EDPB does not provide absolute answers on how US entities looking to transfer EU personal data should proceed, the agencies provide their best thinking on what the path forward looks like. First things first, if you would like to receive my Technology Policy Update, email me. You can find some of these Updates … Continue reading EDPB Issues FAQs On Privacy Shield Decision

Further Reading and Other Developments (17 July)

First things first, if you would like to receive my Technology Policy Update, email me. You can find some of these Updates from 2019 and 2020 here. Speaking of which, the Technology Policy Update is being published daily during the week, and here are the Other Developments and Further Reading from this week. Other Developments … Continue reading Further Reading and Other Developments (17 July)

Europe’s Highest Court Strikes Down Privacy Shield

The agreement that has been allowing US companies to transfer the personal data of EU residents to the US was found to be invalid under EU law. The EU’s highest court seem to indicate standard contractual clauses, a frequently used means to transfer data, may be acceptable. First things first, if you would like to … Continue reading Europe’s Highest Court Strikes Down Privacy Shield

FTC Settles A Pair of Privacy Shield Cases

The FTC imposes 20 year commitments for two companies who were not meeting their requirements in terms of transferring the personal data of EU residents out of Europe. First things first, if you would like to receive my Technology Policy Update, email me. You can find some of these Updates from 2019 and 2020 here. … Continue reading FTC Settles A Pair of Privacy Shield Cases