Key takeaways this May include: Facial recognition: Businesses, including those with no presence in the EEA, face continued challenges in establishing GDPR-compliant facial recognition technology after the French CNIL fined…
As we approach the end of the year, here are the Top 10 Privacy posts on the Debevoise Data Blog in 2022 by page views. If you are not already…
On October 7, 2022, U.S. President Biden signed Executive Order 14086 on Enhancing Safeguards for United States Signals Intelligence Activities (the “Order”). The administrative Order creates new protections applicable to…
What happened? In the wake of the Court of Justice of the European Union’s decision in Schrems II (covered here and here) and Brexit, the EU and UK respectively updated…
Russia has enacted amendments to its Personal Data Law (the “Amendments”) that may have a significant impact on companies operating in Russia. The Amendments became effective on September 1, 2022, save…
On 18 July 2022, the UK government published the Data Protection and Digital Information Bill (the “Bill”), which proposes reforms to the UK’s data protection and e-privacy landscape in-line with…
International companies doing business in China and Chinese companies doing business internationally have been awaiting clarification on the rules of the road governing the cross-border transfer of data out of…
Key takeaways from developments this August include: Indications of what the UK’s post-Brexit data transfer arrangements might look like – companies transferring data from the UK will want to follow…
What’s happened? The European Commission has finalised its new standard contractual clauses (“SCCs”) for the transfer of personal data from EEA member states to the many “third countries” – most…
The key development from April must be the European Data Protection Board (“EDPB”) approving the draft UK adequacy decisions from the European Commission (the “Commission”). Companies will be relieved that…