Date: October 29, 2021

In Case You Missed It: EU Privacy, Data and Consumer Legislative Updates of the Past Month

Date Tag News Link to Source
October 29 Cybersecurity The European Commission announced that it adopted a delegate act to the Radio Equipment Directive (Directive (EU) 2014/53).  This act sets out measures to (1) improve network resilience; (2) better protect consumers’ privacy; and (3) reduce the risk of monetary fraud.

The delegated act will come into force following a two-month scrutiny period, should the Council and Parliament not raise any objections.

link
October 28 Cybersecurity European Parliament adopts position on Directive on measures for a high common level of cybersecurity across the Union (“NIS2 Directive”) and starts negotiations with Council link
October 20 AI European Commission launches public consultation ending on January 10 on the rules on compensation for damage caused by defective products with a specific focus on AI link and link
October 19 Cybersecurity European Commission invites the EU and Member States to further develop the EU cybersecurity crisis management framework, including by exploring the potential of building a joint cyber unit to tackle the rising number of serious cyber incidents impacting public services, businesses and citizens across the EU link
October 19 Cybersecurity European Commission will propose a European Cyber Resilience Act to establish common cybersecurity standards, and begin building an EU space-based global secure communications system to provide additional EU-wide broadband connectivity and secure independent communications to Member States link
October 13 Data Protection – Other European Data Protection Board (“EDPB”) issues guidelines on restrictions under Article 23 GDPR (i.e., restrictions will be defined as any limitation of scope of the obligations and rights provided for in Articles 12 to 22 and 34 GDPR as well as corresponding provisions of Article 5 in accordance with Article 23 GDPR) link
October 13 Children Data EDPB will adopt guidelines on children’s data link
October 13 Personal Data Transfers EDPB will adopt guidelines regarding the relationship between the GDPR’s extraterritorial reach and data transfer restrictions.  EDPB announced that the European Commission will develop a new set of standard contractual clauses for data transfers from the EEA to a non-EEA entity that is subject to the extra-territorial scope of the GDPR. link
October 13 Digital Services EDPB will adopt statement on overarching concerns regarding legislative proposals in Digital Services Package link
October 12 Cybersecurity European Parliament adopts position on new rules on EU critical infrastructure entities link
October 7 AI European Consumer Organization (“BEUC”) issues position paper on the AI Act link
October 6 AI European Parliament adopts resolution on AI in criminal law and its use by the police and judicial authorities in criminal matters link
October 1 Open Data Council of the EU approves version of the Data Governance Act, which will now be negotiated with the European Parliament link and link

What’s Coming Next

  • Negotiations on the Data Governance Act between Parliament and the Council are scheduled for November 9, and early December (see here)
  • Council of the EU is preparing position on the evaluation and findings on the application of the Directive (EU) 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties (see here)
Print:
EmailTweetLikeLinkedIn
Photo of Dan Cooper Dan Cooper

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws…

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws, as well as associated information technology and e-commerce laws and regulations. Mr. Cooper also regularly counsels clients with respect to Internet-related liabilities under European and US laws. Mr. Cooper sits on the advisory boards of a number of privacy NGOs, privacy think tanks, and related bodies.