EU General Data Protection Regulation Adopted
The European Parliament last week approved the European Union General Data Protection Regulation (GDPR). The GDPR is a regulation with vast breath and scope and will not only impact companies in the EU or the tech industry. Any company that works with EU citizens’ data will need to comply with this regulation.
The regulation will enter into force 20 days after its publication in the EU Official Journal. Its provisions will be directly applicable in EU member states two years after this date.
To view the Commission’s statement on the final adoption please click here.
Please note that the ICC GDPR inventory will be updated and re-circulated to members in light of this development.
WP29 Opinion on Privacy Shield Released
On 13 April 2016, the Article 29 Working Party (WP29) published its Opinion on the EU-U.S. Privacy Shield draft adequacy decision.
The Privacy Shield was formed to replace the previous Safe Harbor framework invalidated by the Court of Justice of the European Union (“CJEU”) in the Schrems decision.
Please click here for the full WP29 opinion. A statement from the WP29 can be accessed here.