transfers

Countdown for Implementing the New EU Data Transfer Contracts and Overview of other EU Transfer Developments

By Dan Cooper, Kristof Van Quathem & Anna Oberschelp de Meneses on November 3, 2022

Posted in Cross-Border Transfers, EU Data Protection

The upcoming date of December 27, 2022, marks the end of the roughly one year and a half-long transition period that companies had to replace any the old versions of the standard contractual clauses for international transfers of personal data by the new standard contractual clauses, which the European Commission adopted on June 4, 2021. As of December 27, 2022, EU Supervisory Authorities may start GDPR enforcement proceedings against any companies that still on to the old version of the standard contractual clauses.

Covington is well placed to assisting clients in amending their contracts to take into account the new standard contractual clauses and, more generally, to ensure compliance with the GDPR rules on international data transfers.Continue Reading Countdown for Implementing the New EU Data Transfer Contracts and Overview of other EU Transfer Developments

European Data Protection Supervisor Reprimands European Parliament for Illegal Transfers post-Schrems II CJEU ruling

By Dan Cooper, Kristof Van Quathem & Anna Oberschelp de Meneses on January 14, 2022

Posted in EU Data Protection

On January 5, 2022, the European Data Protection Supervisor (“EDPS”) issued a reprimand to the European Parliament for its offering of a website to its staff and members to schedule Covid-19 tests which violated the transparency and transfer provisions of Regulation (EU) 2018/1725 (“Regulation”). In addition, the EDPS ordered the European Parliament to bring the…

Austrian Supervisory Authority Finds that Website Deploying Google Analytics Carried out Unlawful Transfers to the US

By Dan Cooper, Kristof Van Quathem & Anna Oberschelp de Meneses on January 14, 2022

Posted in EU Data Protection

On December 22, 2021, the Austrian Supervisory Authority (“Authority”) found that an Austrian website that implemented the (free version of) Google analytics violated the GDPR’s rules on international data transfers (see here).

The Authority decided that the Standard Contractual Clauses, combined with the Austrian website operator’s supplementary measures to transfer personal data to Google…

European Commission Publishes Draft UK Adequacy Decisions

By Dan Cooper & Paul Maynard on March 2, 2021

Posted in Data Privacy, EU Data Protection, European Union, United Kingdom

On February 19, 2021, the European Commission published two draft decisions finding that UK law provides an adequate level of protection for personal data. The first would allow private companies in the EU to continue to transfer personal data to the UK without the need for any additional safeguards (e.g., the Commission’s standard contractual clauses), while the second would allow EU law enforcement agencies to transfers personal data subject to Directive 2016/680 — the Data Protection and Law Enforcement Directive (LED) — to their UK counterparts.
Continue Reading European Commission Publishes Draft UK Adequacy Decisions

Inside Privacy

transfers

Countdown for Implementing the New EU Data Transfer Contracts and Overview of other EU Transfer Developments

European Data Protection Supervisor Reprimands European Parliament for Illegal Transfers post-Schrems II CJEU ruling

Austrian Supervisory Authority Finds that Website Deploying Google Analytics Carried out Unlawful Transfers to the US

European Commission Publishes Draft UK Adequacy Decisions

About this Blog