Articles

Results 1 to 5 of 14


Ransomware - why paying up earns no credit with the UK's Data Protection Authority and others

United Kingdom - August 22 2022 In a joint letter this summer, the UK’s data protection regulator (the ICO) and the UK’s National Cyber Security Centre (the NCSC) sought to convey…

Anna Blest, Kate Brimsted, Geraldine Scali

UK Data Reforms - Cautious First Steps Along the EU Adequacy “Tightrope”

United Kingdom - July 26 2022 The UK government set out its detailed proposals for data protection reform on 18 July 2022 in the form of the Data Protection and Digital…

Anna Blest, Kate Brimsted

UK-Outbound Data Flows: Standard Contracts Published and Enter Final Approval Phase

European Union, United Kingdom - February 1 2022 On 28 January 2022 (Data Protection Day), the UK’s International Data Transfer Agreement (“IDTA”) and International Data Transfer Addendum to the…

Christian M. Auty, Kate Brimsted, Tom Evans, Amy de La Lama, Geraldine Scali, Dominik Weiss

BCLP Global Data Privacy FAQs: What counts as a “transfer” of data under the EU GDPR? New draft EU Guidelines released

European Union - December 2 2021 It is well known that the EU GDPR (specifically, Chapter V) restricts transfers of personal data from the EU to a “third country” (i.e. A…

Christian M. Auty, Kate Brimsted, Tom Evans, Amy de La Lama, Geraldine Scali, Dominik Weiss

BCLP Global Data Privacy FAQs: How do the new Article 28 clauses fit with the new SCCs? Are both needed for a non-EU processor?

European Union - July 22 2021 In short, no. It is not necessary to use both the new SCCs and the new Article 28 clauses at the same time.

Christian M. Auty, Kate Brimsted, Amy de La Lama, Geraldine Scali, Dominik Weiss