Free tools and resources for Data Protection Officers!

Tag Archives for " data transfer "

UK government adopts draft Brexit withdrawal agreement

The cabinet has agreed a draft withdrawal agreement on the UK’s exit from, and future relationship with the European Union. In terms of data protection, the documents reaffirms the UK government’s commitment to a high level of data protection during and after Brexit.

The future relationship with the EU is described in just seven pages. The EU will commence its evaluation of the UK’s data protection framework with the aim of decisions by the end of 2020. There will be ‘appropriate cooperation between regulators.’ The draft withdrawal agreement talks about ‘essential equivalence’ rather than adequacy.

Full artisle: UK government adopts draft Brexit withdrawal agreement – Privacy Laws & Business

Facebook Failed to Police How Its Partners Handled User Data

Facebook failed to closely monitor device makers after granting them access to the personal data of hundreds of millions of people, according to a previously unreported disclosure to Congress last month.

Facebook’s loose oversight of the partnerships was detected by the company’s government-approved privacy monitor in 2013. But it was never revealed to Facebook users, most of whom had not explicitly given the company permission to share their information.

Full article: Facebook Failed to Police How Its Partners Handled User Data – The New York Times

What does the newly signed ‘Convention 108+’ mean for UK adequacy?

The Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108) has been given an overhaul to bring it into line with the General Data Protection Regulation. While Convention 108 is not an EU document, the European Commission sees the protocol as a way of encouraging “third countries” to adopt the basic tenets of the GDPR. This could be particularly interesting for the U.K., which will become a third country after Brexit.

Full article: What does the newly signed ‘Convention 108+’ mean for UK adequacy?

Facebook’s court appeal over data transfer case set for January

Facebook’s unprecedented Supreme Court appeal aimed at halting a referral to the European Court of Justice (CJEU) concerning the validity of EU-US data transfer channels will be heard in January.

The court previously set a provisional hearing date of December 19th but, following a case management hearing on Thursday, has now fixed the case for January 21st.

Source: Facebook’s court appeal over data transfer case set for January

Processing data in a post-Brexit world

The physical movement of goods and people across EU borders post-March 2019 is quite rightfully attracting much attention. Whilst these concerns are undoubtedly valid (British consumers are likely to face raised prices on imported goods and long queues at the borders, whilst exporters can expect tariff increases and more stringent customs controls leading to delays), in a world where data is coin of the realm, it seems prudent to consider Brexit’s impact on the digital economy.

Full article: Processing data in a post-Brexit world

EU-U.S. Privacy Shield Framework Joint Annual Review 2.0

The Federal Trade Commission (FTC) announced several enforcement actions in late 2017, on the eve of the first annual joint EU-U.S. review of the Privacy Shield Framework. Now the second annual review of the EU-U.S. Privacy Shield Framework is underway, and the FTC has announced several new enforcement actions, which are meant to highlight the importance of the framework and reaffirm the U.S.’s commitment to strong privacy enforcement.

Full article: EU-U.S. Privacy Shield Framework Joint Annual Review 2.0

Brexit data talks yet not started

Concerns are growing that the UK will face a post-Brexit ‘data wall’ that will stymie the €272 billion of trade in Europe that relies on data flows. The lack of progress, with Brexit day only a few months away, is now a serious cause for concern for the UK’s tech community.

The UK has already applied the EU’s General Data Protection Regulation (GDPR) into its national law, but that does not guarantee the continued free flow of data after next March. It will be classified as a ‘third country’, and its application of GDPR will not guarantee an adequacy decision – which determines that a third country has an adequate data protection regime, and that European personal data can be processed there.

Source: Data talks not started, admits minister as UK faces EU ‘data wall’ – EURACTIV.com

EU and US begin second annual review of Privacy Shield

EU and US officials have begun the second annual review of the Privacy Shield, an important framework that facilitates the free flow of personal data across the Atlantic for businesses.

The review will focus on the commercial aspects, notably on questions related to the oversight and enforcement of the Shield, and developments concerning the collection of personal data by US authorities for purposes of law enforcement or national security. The European Commission will publish its conclusions in a report end of November.

Source: Privacy Shield: EU and US begin second annual review

Walmart Sued for Alleged Sharing of Video Purchase Data With Facebook

Walmart Inc. allegedly shared information on customers’ DVD and video game purchases with a third party without their consent, in violation of a federal video privacy law, two customers alleged in a lawsuit against the retail giant.

The plaintiffs alleged that Walmart installed Facebook Pixel, an advertising analytics tool, on Walmart.com. The tool “systematically” disclosed customers’ Facebook identities and information about specific products customers purchased when they bought DVDs, Blu-Ray discs, video games, and other videos, the plaintiffs alleged.

Source: Walmart Sued; Allegedly Shared Video Purchase Data With Facebook | Bloomberg Law

Facebook Supreme Court appeal to be heard in December

Facebook has got a provisional date of December 19th for its unprecedented Supreme Court appeal aimed at halting a referral to the European Court of Justice (CJEU) concerning the validity of EU-US data transfer channels.

The issues to be decided by the Supreme Court include whether there is any entitlement in the first place to appeal such a reference to the CJEU.

The High Court’s Ms Justice Caroline Costello previously ruled there was no such entitlement and she had made the referral before the Supreme Court agreed in July last to hear Facebook’s appeal.

Source: Facebook Supreme Court appeal to be heard in December

>