Authors: Heidi Waem, Rachel De Souza, Simon Verschaeve
On 27 November 2023, the Council formally adopted the final version of the regulation on harmonised rules on fair access to and use of data (“Data Act”), after the European Parliament had adopted the Data Act earlier this month.
Drafted with the objective of fostering
Continue Reading EU: EU formally adopts ‘Data Act’Authors: Heidi Waem, Muhammed Demircan, Nicolas Becker
On 29 September 2023, the Belgian Data Protection Authority (Belgian DPA) issued a decision imposing a reprimand on a public authority and its processor for various infringements of the GDPR, including the lack of a timely signed data processing agreement between the public authority – who
Continue Reading Belgian DPA decides on the (in)validity of retroactive data processing agreements
Author: Nicholas De Lacy-Brown
The arrival of NIS2 is only one year away. With significantly enhanced requirements around cybersecurity management extending across the supply chain, increased reporting obligations in the case of cyber breach, and personal liability for senior management, working out whether or not an organisation will be in scope for NIS2 will be
Continue Reading EU: The NIS2 Enigma: who will be caught by the EU’s updated cyber requirements?
UK Extension
Following the European Commission’s adequacy decision for the EU-US Data Privacy Framework (DPF) (for further information see here), the UK Government has announced that from 12 October 2023, organisations in the UK can transfer personal data to US organisations certified to the “UK Extension to the EU-US Data Privacy Framework”
Continue Reading UK: EU-UK Data Privacy Framework Extension
