Topic: International transfers

Reynders leans on data retention rulings to support EU-US adequacy

The European Commission is using ECJ data retention case law as an argument against concerns that the draft adequacy agreement with the US does nothing to change the surveillance practices of US law enforcement.

31 January 2023

EDPB report bemoans state of EU public cloud procurement

The EDPB has named a lack of bargaining power on the part of public authorities as one of the factors pushing those bodies towards unfavourable and possibly illegal cloud service solutions.

23 January 2023

Smooth sailing expected for companies switching to new Privacy Shield

As an adequacy decision for the US winds through EU institutions, Privacy Shield-certified companies should only need to make minor modifications to receive certification under the planned EU-US Data Privacy Framework.

20 January 2023

PIPL does not block discovery, US federal court rules

A Manhattan procedural judge has ordered a crypto organisation to disclose data held in China to class action plaintiffs, adding to a growing number of cases in which companies have had to risk data protection enforcement in order to comply with US discovery.

16 January 2023

Microsoft to roll out EU data localisation in the new year

Microsoft will start a phased rollout of its ‘EU Data Boundary’ from 1 January to public sector and commercial customers.

15 December 2022

Comparative analysis of the proposed Chinese standard contract and EU standard contractual clauses

Rohan Massey, David Chen, Christopher Foo and Pauline Tang of Ropes & Gray analyse and compare key international transfer documents in the EU and Chinese data protection regimes.

14 December 2022

Commission clears Privacy Shield replacement

The European Commission has proposed that an adequacy agreement be granted to the Trans-Atlantic Data Privacy Framework, the first step towards reopening transatlantic data flows – but activist groups have already said that they will challenge the final product.

13 December 2022

Portuguese statistics authority fined €4.3 million for census failings

Portugal’s data protection authority has fined the country’s National Statistics Authority €4.3 million for five breaches of the GDPR made while carrying out the 2021 census – including unlawful international transfers.

12 December 2022

Q&A: Meike Kamp

Two months into her tenure as the new head of the Berlin data protection authority, Meike Kamp tells GDR her views on the new Privacy Shield replacement and how ongoing questions about the GDPR’s interpretation should be resolved.

09 December 2022

Industry launches renewed attack on proposed EU cloud rules

A consortium of industry bodies has urged EU authorities to reconsider new rules for the procurement of cloud services, warning that the measures could conflict with international agreements and Brussels’ own rules.

01 December 2022

Unlock unlimited access to all Global Data Review content