With the Brexit transition period ending on 31 December 2020, and no deal in sight, the future of cross-border data transfers between the European Economic Area (the EEA) and the United Kingdom remains unclear. On 1 January 2021, the United Kingdom will be considered as a “third country” and, unless a Brexit deal is proposed dealing with data protection and how data transfers between the EEA and the United Kingdom are to be treated, it could be significantly more difficult for European Union (EU)-based entities to transfer personal data to the United Kingdom.(more…)
Brexit: Deal Or No-Deal? Data is the Question
With the Brexit deadline looming ahead on 31 October 2019, the situation seemingly reaches new levels of uncertainty every day. Last week, the U.K. Supreme Court’s eleven judges unanimously ruled that Prime Minister Boris Johnson’s decision on 9 September 2019, to prorogue Parliament was “unlawful and void.” Parliament will therefore carry on its Brexit discussions…with now only thirty days left to finalise a deal. Although Parliament, while still in session, passed a law to extend the Brexit deadline, such an extension would still require approval by the EU.
So how should companies prepare, on either side of the Channel (and beyond), in the coming months for the more-likely-by-the-day-scenario of No-Deal?(more…)
European Data Protection Board Clarifies the Interplay Between the EU Clinical Trials Regulation and the General Data Protection RegulationApril 8th, 2019 | Posted by in Non classé - (0 Comments)
On January 23, 2019, the EU Data Protection Board (“EDPB” – the gathering of all European Union (EU) data protection authorities) adopted opinion no. 3/2019 (the “Opinion”) on the interplay between the Clinical Trials Regulation no. 536/2014 “CTR”) and the General Data Protection Regulation (“GDPR”). Anticipating the application of CTR (currently expected to occur in 2020) following the implementation of the EU portal and the EU database of the European Medicines Agency, the Opinion provides clarification on (i) the different legal bases for the processing of personal data operations related to a specific clinical trial, from commencement of the clinical trial until the deletion of personal data collected during the clinical trial (“Primary Use”); and (ii) the further use of the same personal data set for any other scientific purposes (“Secondary Use”). Without establishing a legal basis, no one can process the personal data needed to run a clinical trial or to use the personal data for other research.
The New EU-Japan Personal Data Deal: EU and Japan to Each Recognize the Other’s Personal Data Protection System as Equivalent – What It Means For Businesses and Next StepsAugust 24th, 2018 | Posted by in Europe | Privacy - (0 Comments)
On 17 July 2018, the European Union (the “EU”) and Japan reached an agreement to recognize each other’s data protections systems as “equivalent”, and each commits to complete internal procedures by fall 2018 (the “Data Agreement”). Once adopted, this will allow businesses to transfer personal data from the European Economic Area 1)The EEA brings together the EU Member States and the three EFTA (European Free Trade Association) States (Norway, Liechtenstein and Iceland) into a … Continue reading(the “EEA”) to Japan and vice versa without being required to provide further additional safeguards for each transfer.
The Data Agreement concludes the two-year-long dialogue regarding mutual recognition of personal data protection regimes between the two parties, and it was issued along with the EU-Japan Economic Partnership Agreement, a long-awaited EU-Japan free trade deal. Prior to the final Data Agreement, in December 2017, the governments issued a joint statement to resolve issues essentially within the existing personal data protection framework to enable free data transfer between the two parties.
|↑1||The EEA brings together the EU Member States and the three EFTA (European Free Trade Association) States (Norway, Liechtenstein and Iceland) into a single market that seeks to guarantee the free movement of goods, people, services and capital.|
The ECJ Rules on the Compatibility with EU Law of Domestic Data Retention Requirements Imposed on Providers of Electronic Communications Services.March 17th, 2017 | Posted by in Europe | IT | Jurisprudence | Privacy - (0 Comments)
After its invalidation of the data retention requirements imposed by Directive 2006/24/EC in its Digital Rights Ireland decision dated 8 April 2014, the ECJ was requested to assess the compatibility with the Directive 2002/58/EC (the “ePrivacy Directive”) and the Charter of Fundamental Rights of the European Union (the “CFREU”) of a domestic legislation mandating a general and indiscriminate obligation to retain traffic and location data, without prior judicial review, for purposes including the fight against crime.). The ECJ joined the two cases which had been submitted for review and issued its decision on 21 December 2016 (the “Decision”).
The advent of autonomous cars represents a unique opportunity to rethink urbanism globally. Indeed, such a technological evolution will undoubtedly foster the development of a range of new offerings, such as car sharing and value-added opportunities, while at the same time ensure added safety on the roads at a time when traffic injuries remain the primary cause of death among people aged 15 to 29.
One direction in which this new paradigm could be expressed may be the decline of exclusive car ownership and the shift toward CaaS, or “Car-as-a-Service”. Autonomous cars could be shared among a community of subscribers and used on an as-needed basis, after which they could then park themselves outside of the urban landscape for battery-reloading purposes or when not in use.
Nevertheless, such an idealistic picture can only be achieved once all regulatory barriers have been lifted.