On February 28, 2024, President Biden issued an Executive Order (the “Order”) designed to protect the “sensitive personal data” of Americans from “exploitation” by “countries of concern” or related “covered…
Key takeaways from January include: Transparency about data processing and retention: In a reminder of the importance of transparency under the GDPR, and the need for companies to make their…
In 2022, the UK ICO published the International Data Transfer Agreement (“IDTA”) and the International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses (“the Addendum”). In short, the…
Key takeaways from September include: UK-US data bridge: From 12 October 2023, UK businesses will be able to transfer personal data to certain US organisations certified under a UK-specific extension…
Key takeaways from June and July include: Data transfers to the U.S.: Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S.…
European Data Protection Roundup – September 2022 Key takeaways this September include: Google Analytics: Continue to assess carefully the use of Google Analytics. The Danish Data Protection Agency became the…
Russia has enacted amendments to its Personal Data Law (the “Amendments”) that may have a significant impact on companies operating in Russia. The Amendments became effective on September 1, 2022, save…
International companies doing business in China and Chinese companies doing business internationally have been awaiting clarification on the rules of the road governing the cross-border transfer of data out of…
Key takeaways from developments this August include: Indications of what the UK’s post-Brexit data transfer arrangements might look like – companies transferring data from the UK will want to follow…
On 19 January 2021, the UK Information Commissioner’s Office (the “ICO”) published its September 2020 letter to the Securities and Exchange Commission (the “SEC”) analysing the GDPR’s impact on UK-based…