The likely demise of the US Safe Harbor is dominating the data news headlines - but what else is happening in the world of data and cyber regulation? Datonomy provides a round up of other recent developments in Europe and Asia. With contributions from Andreas Splittgerber and Christian Leuthner in Germany, Sofia Fontanals in Spain and Matthew Hunter, Daniel Jung and Aisling O’Dwyer in Asia, in this update we cover:
  • EU policy and regulation including latest news from Brussels on the GDPR and NISD
  • News from the UK
  • News from Germany
  • News from Spain
  • News from Asia
EU POLICY AND REGULATION
  • GDPR and NISD: Commission President Junker has yet again affirmed the “swift adoption” of the GDPR and NISD as priorities in this open letter of 9 September to the European Parliament. Below we take a more detailed look at the recent procedural progress of these two (not-so-swift) proposals.
One of Europe’s most senior lawyers, Advocate General Bot, today declared the EU-US Safe Harbour regime invalid.  His opinion has profound implications for organisations transferring personal data to the US or importing personal data from Europe.   Olswang explains the practical implications for companies transferring personal data from Europe to the US. What is safe harbour? The Data Protection Directive (95/46/EC) requires companies which collect personal data relating to EU citizens to retain such data within the European Economic Area unless it is being transferred to a jurisdiction which ensures ‘adequate’ protection for such personal data. Adequacy can be established in a number of ways, one of which is a declaration of approval of a particular jurisdiction’s regime for protecting personal data by the European Commission. In a decision of 26 July 2000, the European Commission declared that the safe harbour scheme established with the US provided adequate protection of personal data and … Continue Reading ››
Datonomy's correspondents in Germany have just published their latest update on IT and data protection developments. It includes:
  • a status update on the GDPR, on which further trilogue negotiations took place this week
  • fines imposed for illegal data transfers in asset deals
  • fines imposed for insufficiently detailed data processing contracts
  • a recent decision on the legality of framing
  • a recent ruling on take down
Plus other recommended reads and status updates on draft legislation.  You can read it in full here.