Free tools and resources for Data Protection Officers!

Tag Archives for " data transfer "

Parliament fails to approve the EU Withdrawal Agreement: Data protection implications

On 25 November 2018 the UK Government and the EU agreed a draft withdrawal agreement which set out the terms of the UK’s departure from the EU and made a political declaration on the framework for their future relationship, as provided for under Article 50(2) of the Treaty on European Union ( Withdrawal Agreement ).

The purpose of the Withdrawal Agreement is to set out the terms of the UK’s departure from the EU and provide a transition period during which a more nuanced and ambitious future relationship can be agreed.

Full article: Parliament fails to approve the EU Withdrawal Agreement: Data protection implications

Irish Data Protection Advisory Releases Guidance on Data Consequences following ‘No Deal Brexit’

Guidance on what should happen with transfers of personal data to and from the United Kingdom, including Northern Ireland, following a possible ‘no deal’ Brexit has been published by the Irish Data Protection Commission (DPC).

The organisation warned that Irish and Irish-based companies that manage private personal data will be required to ensure data being transferred to the UK is done so lawfully following a possible March 29 date the UK leaving the European Union. From that date, in the event of no exit deal being agreed, the UK must be treated as any other non-EU State and would not enjoy the existing free movement of data that it currently does.

Full article: Irish Data Protection Advisory Releases Guidance on Data Consequences following ‘No Deal Brexit’ – Compliance Junction

The UK will have to renegotiate data protection relationships with EEA countries

UK government says that at the end of the transitional period, the EEA agreement will no longer be applicable and the UK will seek a new arrangement with the EEA countries Norway, Iceland and Liechtenstein.

The EU will start its assessment of the UK’s adequacy for international data transfers as soon as possible after Brexit. The UK is ready to start these assessments, the government says.

Source: The UK will have to renegotiate data protection relationships with EEA countries – Privacy Laws & Business

CNIL Publishes Guidance on Data Sharing with Business Partners or Data Brokers

On December 28, 2018, the French Data Protection Authority (the “CNIL”) published guidance regarding the conditions to be met by organizations in order to lawfully share personal data with business partners or other third parties, such as data brokers.

Full article: CNIL Publishes Guidance on Data Sharing with Business Partners or Data Brokers

Government issues draft data protection legislation to deal with Brexit

The draft legislation, The data protection, privacy and electronic communications (amendments etc) (EU exit) regulations 2019, have been prepared to ensure that the UK data protection legal framework continues to function correctly after Brexit.

The instrument amends the Privacy and Electronic Communications Regulations 2003 (PECR), UK GDPR and the DP Act 2018.

Source: Government issues draft data protection legislation to deal with Brexit – Privacy Laws & Business

New FPF Study Documents More Than 150 European Companies Participating in the EU-US Data Transfer Mechanism

Week ago the European Commission published its second annual review of the EU-U.S. Privacy Shield, finding that “the U.S. continues to ensure an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S.” The decision preserves a key data transfer agreement, supporting transatlantic trade and ensuring meaningful privacy safeguards for consumers.

Full article: New FPF Study Documents More Than 150 European Companies Participating in the EU-US Data Transfer Mechanism

US told to appoint a damn Privacy Shield ombudsperson already or EU will take action

The European Commission’s second annual review of the Privacy Shield agreement made similar noises to last year’s, concluding the deal does the trick but could be better. It said the US ensures an adequate level of protection for personal data transferred under the deal, and has made some improvements, but progress is slow and there is more work to do.

The US has been told once again to appoint a permanent ombudsperson to oversee the deal governing transatlantic data flows, but this time has been given a deadline.

Full article: US told to appoint a damn Privacy Shield ombudsperson already or EU will take action • The Register

EU-US Privacy Shield passes second annual review

Despite the lack of a permanent ombudsperson, the European Commission confirmed on Wednesday that the Privacy Shield had passed its second annual review.

The US government has been given until the end of February next year to appoint a permanent ombudsperson to handle data protection complaints from EU citizens.

Source: EU-US Privacy Shield passes second annual review

UK-to-UK data transfers impacted by ‘no deal’ Brexit

UK businesses that outsource the processing of personal data to UK supplier or which send data to other UK-based businesses in their group may need to update their contracts in the event of a ‘no deal’ Brexit to allow those data transfers to continue, a data protection law expert has said.

Full article: UK-to-UK data transfers impacted by ‘no deal’ Brexit

>