On June 28, 2023, the European Commission (EC) published a Proposal for a Regulation on Financial Data Access (FIDA). FIDA aims to create a framework through which data holders (e.g., banks, credit institutions) share the financial data they hold with other players in the finance industry (e.g., fintech companies). Customers of financial institutions will be able to control i) which data is shared, ii) with whom, iii) for what purpose, and iv) for how long. If adopted, FIDA will further liberalize financial data sharing in the EU.
Continue Reading European Commission Proposes New Rules on Financial Data Access and UseCédric Burton
UK Brings Forward Legislation to Streamline the GDPR
By Cédric Burton, Tom Evans & Matthew Nuding on
In March 2023, the UK government published the Data Protection and Digital Information (No. 2) Bill (the bill). If enacted, the bill will introduce significant changes to the UK’s data protection laws, with the aim…
Continue Reading UK Brings Forward Legislation to Streamline the GDPREU Privacy Regulators Coordinate to Assess Compliance with the GDPR Rules on Data Protection Officers
Posted in Uncategorized
On March 15, 2023, the European Data Protection Board (EDPB) announced a coordinated action on the role of the data protection officers (DPOs). The data protection authorities (DPAs) will ask DPOs a series of questions…
Continue Reading EU Privacy Regulators Coordinate to Assess Compliance with the GDPR Rules on Data Protection OfficersEDPB Issues Guidance on Cookie Banners
Posted in Privacy, Regulatory
In January 2023, the European Data Protection Board (EDPB) published a report on cookie banners (Report). The Report provides practical guidance to companies doing business in the EU on how to comply with…
Continue Reading EDPB Issues Guidance on Cookie BannersEU Regulators Adopt Opinion on Draft EU-U.S. Data Privacy Framework
Since the invalidation of the Privacy Shield framework in 2020 in the “Schrems II” case, the EU and the U.S. have been working to set up a new framework for data flows from…
Continue Reading EU Regulators Adopt Opinion on Draft EU-U.S. Data Privacy FrameworkCJEU Finds That Companies Must Provide Individuals with the Identity of Data Recipients When Responding to Data Access Requests
Posted in Privacy
On January 12, 2023, the Court of Justice of the European Union (CJEU) ruled1 that the data subject’s right of access to personal data2 requires controllers to provide the data subject with the…
Continue Reading CJEU Finds That Companies Must Provide Individuals with the Identity of Data Recipients When Responding to Data Access Requests