Guidance
Canada, U.S. sign international guidelines for safe AI development
Eighteen countries, including Canada, the U.S. and the U.K., today agreed on recommended guidelines to developers in their nations for the secure design, development, deployment, and operation of artificial intelligent systems. It’s the latest in a series of voluntary guardrails that nations are urging their public and private sectors to…
Read More »Data Protection: European Commission adopts new adequacy decision for safe and trusted EU-US data flows
Link to the original Press Release from the European Commission Today, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework. The decision concludes that the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transferred from…
Read More »How to Keep Your Digital Assets Safe From Hackers
The world of digital assets is snowballing in popularity and value. Cryptocurrencies, tokens, Non-Fungible Tokens (NFTs), and other digital assets are becoming hot commodities in the modern investment and financial landscape. Unfortunately, this surge in value does attract not only legit investors but also malicious hackers. Digital assets are particularly…
Read More »Privacy guidance for manufacturers of Internet of Things devices
August 2020 Overview As a manufacturer of Internet of Things (IoT) devices, you are responsible for the personal information under your control and have obligations under Canadian privacy legislation to implement effective privacy protection. This guidance focuses on adherence with Canada’s federal private-sector privacy law, the Personal Information Protection and Electronic…
Read More »The new trans-Atlantic data agreement puts E.U. priorities first
For the third time in seven years, Washington and Brussels have shaken hands on a deal to keep customer data flowing—and to keep a certain American social network afloat—across the Atlantic. The new Trans-Atlantic Data Privacy Framework’s provisions for E.U. individuals to seek redress against overreaching U.S. intelligence collection may…
Read More »CJEU throws wrinkle into EU-UK adequacy talks
The Court of Justice of the European Union continues to make things interesting in the data protection world. First came the court’s “Schrems II” decision last July, and this week, the CJEU issued a ruling that could spring a leak and potentially sink adequacy negotiations between the U.K. and EU.…
Read More »Schrems II Decision Extends to Swiss-US Privacy Shield; Agreement Found Inadequate After Annual Review
The unexpected Schrems II decision was a major blow to digital trade across the Atlantic, invalidating the EU-US Privacy Shield agreement and forcing companies to very quickly revamp their data handling processes. There was some question as to whether this ruling would extend to the similar Switzerland-US Privacy Shield agreement,…
Read More »Data Transfers: Post-Schrems II guidance from the LfDI Baden-Württemberg
In the wake of the Court of Justice of the European Union’s (‘CJEU’) judgment in Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems (Case-311/18) (‘the Schrems II Case’), the future of international data transfers hangs in the balance, with EU supervisory authorities playing a crucial role in shaping the case’s impact.…
Read More »European Data Protection Board – Thirty-seventh Plenary session
The Board adopted GDPR Guidelines on the concepts of controller and processor in the GDPR and Guidelines on the targeting of social media users. In addition, the EDPB created a taskforce on complaints following the CJEU Schrems II judgement and a taskforce devoted to the supplementary measures that data exporters…
Read More »The Broken Privacy Shield
It’s official — the EU Court of Justice has invalidated the U.S. Department of Commerce Privacy Shield Program in their landmark “Schrems II” case. To summarize, this means that any company that has been relying on the Privacy Shield Program to process the personal data of EU data subjects in…
Read More »