Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: European Data Protection Board

Posted in International/EU Privacy

EDPB’s Common Sense Approach to the GDPR’s Territorial Scope

The EU General Data Protection Regulation is now a fully functioning six-month old creature, which has brought with it significant evolutionary changes. One of the most notable innovations of the new European data protection framework is its ambitious extra-territorial application. The introduction of brand new grounds for the applicability of the law was a major development. As a result, and as essential as this is, the GDPR’s territorial scope of application has become one of the most difficult issues to pin down. Therefore, the publication of the European Data Protection Board’s draft guidelines on the territorial scope of the GDPR marks an important milestone in understanding the implications of this influential framework.

Posted in International/EU Privacy

DP Impact Assessments: EDPB Differs Slightly from ICO Position

The European Data Protection Board (EDPB) has recently published its Opinion on the (United Kingdom) Information Commissioner’s list of processing activities which would require a Data Protection Impact Assessment under the GDPR. In its Opinion, the EDPB appears to be moving away from the idea that processing of genetic or location data, on its own, might be enough to trigger the mandatory DPIA requirements of the GDPR. This news will perhaps come as a relief to organi­sations currently struggling to come to grips with the “new” DPIA process and the resources and time that it demands. But, should we be surprised by the EDPB’s Opinion and will it have a significant impact in practice on the way organisations consider and conduct DPIAs?

Posted in International/EU Privacy

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection. In this post, we discuss ten initial conclusions from the draft text.

Posted in International/EU Privacy

GDPR Guidance – European Data Protection Board Adopts Art. 29 Working Papers

Data protection authorities set out guidelines for the application of the new EU General Data Protection Regulation. The European Data Protection Board is the joint coordination body of the EU data protection authorities. The EDPB provides guidance on the application of the EU Data Protection Regulation. With the GDPR having come into force, the EDPB thus replaces the Art. 29 Data Protection Working Party which was established under the EU Data Protection Directive and other previously applicable data protection laws.

Posted in International/EU Privacy

Thinking Strategically About Brexit and Data Protection

To date, the main legacy of the Brexit referendum of 2016 appears to be a country split in half: some badly wish the UK would continue to be a member of the EU and some are equally keen on making a move. Yet, there seems to be at least one thing on which Remainers and Leavers will agree: nobody knows exactly what is going to happen. The same is true of the effect of Brexit on UK data protection. However, as Brexit day approaches, it is becoming imperative for those with responsibility for data protection compliance to make some crucial strategic decisions. To help with that process, here are some pointers about what we know and what we don’t know.

Posted in Health Privacy/HIPAA, International/EU Privacy

The Final GDPR Text and What It Will Mean for Health Data

The EU General Data Protection Regulation has been called the most lobbied piece of legislation in the history of the EU. Before Christmas last year, what is likely to be the final text of the GDPR emerged from the EU trilogue negotiations. Victoria Hordern, Senior Associate at Hogan Lovells, explores what the new GDPR will mean for those collecting and handling health data, and examines a number of the provisions and themes that impact the use of health data.