On February 10, 2021, the Council of the European Union (EU) agreed on its version of the draft ePrivacy Regulation (Council Position). The long-awaited ePrivacy Regulation, which will repeal the existing ePrivacy Directive, overhauls the rules on cookies and regulates the use of and access to electronic communications data.
Continue Reading Council of the EU Adopts Its Text on the ePrivacy Regulation
Roberto Yunquera Sehwani
European Commission Proposes New Rules for Digital Platforms
On December 15, 2020, the European Commission (EC) unveiled a set of proposals to regulate digital platforms. The draft laws include antitrust-related requirements, addressed by the Digital Markets Act (DMA) and more general regulatory requirements, addressed in the Digital Services Act (DSA). The DMA/DSA package will apply to all digital services, including social media, online marketplaces, and other online platforms, meaning tech companies active in Europe will have a new set of rules to follow.
Continue Reading European Commission Proposes New Rules for Digital Platforms
U.S. Government Publishes White Paper on International Data Transfers Following Schrems 2.0 Judgment
On September 28, 2020, the U.S. Department of Commerce (DoC) published a white paper co-authored by the U.S. Department of Justice (DoJ) and the Office of the Director of National Intelligence (white paper)[1] which provides information on the safeguards under U.S. law to limit the collection of data from private companies by U.S. intelligence services. The white paper addresses concerns raised by the EU Court of Justice (ECJ) when it invalidated the EU-U.S. Privacy Shield framework (Privacy Shield) and imposed certain conditions on the use of Standard Contractual Clauses (SCCs).
Continue Reading U.S. Government Publishes White Paper on International Data Transfers Following Schrems 2.0 Judgment
European Commission Calls for a Common Approach to COVID-19 Apps and Anonymized Data Use
On April 8, 2020, the European Commission (the Commission) released its recommendation for a pan-EU approach on the use of technology and data to combat the COVID-19 pandemic (the Recommendation).
The Commission calls for the creation of a “toolbox” consisting of practical measures taken at the EU level to address the use of mobile applications to inform individuals or monitor infected persons (COVID-19 mobile apps) and address the use of anonymized population data to analyze the evolution of the pandemic in the EU. While the Recommendation does not specify the measures to be included in the toolbox, it provides a roadmap to promote the harmonization of these measures across all EU member states.
Continue Reading European Commission Calls for a Common Approach to COVID-19 Apps and Anonymized Data Use
On the Final Publication of the Danish Standard Contractual Clauses for Vendor Agreements: A New Standard?
On December 10, 2019, the Danish Supervisory Authority (SA) published its final version of Standard Contractual Clauses (SCCs) that data controllers and processors may use to satisfy the General Data Protection Regulation (GDPR) obligation to enter into a data processing agreement.
The Danish SCCs have been reviewed and approved by the European Data Protection Board (EDPB). Accordingly, they constitute an official template containing the contractual provisions that the Danish SA and the EDPB consider important. Because the Danish SCCs have been examined by all EU Supervisory Authorities and approved by the EDPB, they may become the model for data processing agreements across the EU.
Continue Reading On the Final Publication of the Danish Standard Contractual Clauses for Vendor Agreements: A New Standard?