Global Privacy & Security Compliance Law Blog

Tag Archives: European Data Protection Board

The EDPB’s Draft Data Transfer Guidance Following Schrems II – A Close Look

The EDPB takes a strict approach in its recent guidance on international data transfers following Schrems II, posing a difficult challenge for businesses. By Gail Crawford, Ian Felstead, Fiona Maclean, Serrin Turner, Tim Wybitul, Victoria Wan and Amy Smyth On 10 November, the European Data Protection Board (EDPB) released its much anticipated draft guidance on … Continue Reading

Privacy and Payments: New Draft EU Advice for Financial Institutions

As contactless transactions boom, EU regulators publish draft guidelines on the interplay between the GDPR and PSD2. By Fiona M. Maclean, Christian F. McDermott, Calum Docherty, and Amy Smyth Last year, more than half of all payments in the UK were made by card and contactless methods, while cash made up less than a quarter … Continue Reading

Practical Considerations for Assessing Data Transfers after Schrems II

Latham develops new resource to identify considerations for assessing SCC and BCR data transfers in Europe. By Gail E. Crawford, Fiona M. Maclean, Michael H. Rubin, Serrin Turner, Tim Wybitul, and Ulrich Wuermeling Following the Schrems II decision in July 2020, organisations relying on the standard contractual clauses (SCCs) or Binding Corporate Rules (BCRs) to … Continue Reading

French State Council Upholds CNIL’s €50M Fine for GDPR Violations

The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising. By Myria Saarinen and Camille Dorval On 19 June 2020, France’s Highest Administrative Court (Council) handed down its decision on the appeal filed by Google LLC (Google) against the French Data Protection Authority’s (CNIL’s) decision … Continue Reading

The Countdown Continues: One Year to the GDPR

By Gail Crawford, Ulrich Wuermeling, Calum Docherty The General Data Protection Regulation (GDPR or Regulation) will become applicable in one year, as of May 25, 2018. A lot has happened since we set out the key provisions of the Regulation last year. As companies implement compliance programmes in efforts to protect data subjects and avoid … Continue Reading
LexBlog