ICO publishes draft updated guidance in relation to specific employment practicesįollowing the conclusion of a public consultation on employment practices last year (reported on in our September 2021 alert), the Information Commissioner's Office (the " ICO") has published two updated pieces of draft guidance covering monitoring at work and information about workers' health (together the " Draft Guidance"). You can also read our blog post here for a detailed summary of the Executive Order and Framework, including commentary on the reactions and challenges it has received to date. We have outlined our five key takeaways here. ![]() The EU and UK must now independently choose whether to grant an adequacy decision in relation to the US for the Framework to be approved, which is not expected before Spring 2023.ĭata Protection Partner, Katie Hewson, joined the TechUK panel discussion on 'The Future of Transatlantic Data Flows: The UK Perspective' earlier this month to give her initial thoughts. update the privacy principles, which companies are required to adhere to in order to be certified to the Framework, from those that were applied under the old Privacy Shield mechanism.introduce internal procedural requirements for handling personal data and.introduce a new redress mechanism for affected individuals.enhance safeguards and oversight of US signals intelligence activities.Under the Executive Order, the US Government commits to: The Executive Order has the force of law in the US and sets out the US Government's commitment to restore a legal basis for overseas transfers of personal data to the US, and ensure protection for EU personal data that is essentially equivalent to the protection it receives in Europe. The Framework is intended to provide a safeguard for transatlantic data flows following the landmark Schrems II ruling in July 2020 which declared the EU-US Privacy Shield invalid as a transfer tool. On 7 October 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (the " Executive Order") which outlines the steps to be taken to implement the United States' commitments under the EU-US Data Privacy Framework (the " Framework") (previously reported on in our March 2022 bulletin). EU companies must make reasonable efforts to communicate data subjects' withdrawal of consent to third parties, CJEU rulesĭata protection The Executive Order on US Surveillance.CJEU Advocate General issues opinion on the relevance of an individual's interests in relation to a disclosure of personal data.'Mere upset' from EU GDPR violations not a ground for compensation, CJEU Advocate General determines.EDPB writes to European Commission to seek GDPR enforcement changes.French data protection authority issues €20 million fine to Clearview AI for unlawful facial image collection.ICO warns against use of emotional analysis biometric technologies. ![]() Home Office reprimanded by the ICO for loss of sensitive documents containing special category data.Easylife fined £1.48 million by ICO for data breaches.ICO hands £4.4 million penalty to Interserve for failure to ensure the security of employees' personal data.Huawei technology banned from UK 5G public networks.The UK REUL Bill passes its second reading in the House of Commons. ![]() ![]() Recent updates to EDPB guidance on breach notifications and the identification of lead supervisory authorities.ICO publishes guidance on electronic mail direct marketing.ICO publishes draft updated guidance in relation to specific employment practices.Welcome to our data protection bulletin, covering the key developments in data protection law from October 2022.
0 Comments
Leave a Reply. |