On 11 March 2024, following an investigation, the European Data Protection Supervisor (EDPS) announced that the European Commission’s (Commission) use of a major software company infringes the data protection law for EU institutions, bodies, offices and agencies (Regulation (EU) 2018/1725). In particular, the EDPS found that the Commission had
Continue Reading Europe: EDPS finds that the European Commission has infringed data protection rulesRachel de Souza
Europe: EDPB coordinated enforcement action identifies areas of improvement to promote the role and recognition of DPOs
Background
March 2023 saw the launch of the European Data Protection Board’s (EDPB’s) second coordinated enforcement action (CEF 2023), which focused on the designation and position of Data Protection Officers (DPOs). Data Protection Authorities (DPAs) across the EEA have launched coordinated investigations into this topic. In particular…
Continue Reading Europe: EDPB coordinated enforcement action identifies areas of improvement to promote the role and recognition of DPOsEU: EU formally adopts ‘Data Act’
On 27 November 2023, the Council formally adopted the final version of the regulation on harmonised rules on fair access to and use of data (“Data Act”), after the European Parliament had adopted the Data Act earlier this month.
Drafted with the objective of fostering innovation and facilitating the sharing of data between…
Continue Reading EU: EU formally adopts ‘Data Act’UK: EU-UK Data Privacy Framework Extension
UK Extension
Following the European Commission’s adequacy decision for the EU-US Data Privacy Framework (DPF) (for further information see here), the UK Government has announced that from 12 October 2023, organisations in the UK can transfer personal data to US organisations certified to the “UK Extension to the EU-US Data Privacy Framework”…
Continue Reading UK: EU-UK Data Privacy Framework Extension