During this 37th plenary session, the Board adopted Guidelines on the concepts of controller and processor and Guidelines on the targeting of social media users. The EDPB also created a taskforce focusing complaints following the CJEU Schrems II judgement and
On 23 July 2020, the European Data Protection Board (EDPB) released a FAQ on the consequences of the CJEU’s judgement of 16 Juley 2020 (Schrems 2)
This judgment invalidates the Privacy Shield, an EU-US data transfer mechanisms, and conditions the validity of the Standards contractual clauses (SCCs), another transfer mechanisms, to the prior analysis of the level of protection provided by the third country recipient and the implementation of additional measures where necessary.
This FAQ provides a glimpse of the position of the Authorities following the CJEU Decision that calls into question the possibility to transfer any personal data to the US. However, the EDPB remains relatively unspecific as it is currently working on more detailed guidance that should be released shortly.
During its 34th plenary session that took place on 20 July 2020, the European Data Protection Board (EDPB) adopted the following documents: a statement on the CJEU’s ruling in Facebook Ireland v Schrems in which it states that it is
During its 32nd plenary session, the European Data Protectino Board (EDPB) adopted the following documents: a statement on the interoperability of contact tracing apps; a statement on the opening of borders and data protection rights; two letters to MEP Körner
In a letter of 15 June 2020, in response to Member of the European Parliament with regard to the agreement between the UK and the US on Access to Electronic Data for the Purpose of Countering Serious Crime, signed on