SPOKES Privacy Technology Conference Fall 2021

Watch Now

Privacy Law Update: December 6, 2021

Dec 6, 2021 | Privacy Law Update

WireWheel Privacy Law Update blog post cover image with an icon of capital building.

Written by Rick Buck, Chief Privacy Officer, WireWheel

Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!

Newsworthy Updates

EDPB Discusses Data Transfer Guidance Considerations, Key Points

With the recent adoption of guidelines on the interplay between Article 3 and Chapter V of the EU General Data Protection Regulation relating to international data transfers, the European Data Protection Board sought to answer a question that has been debated going back five years to the GDPR’s original drafting. But as is usually the case when addressing the complex topic of transfers, answering one question has spawned so many others.  EDPB Secretariat Head Isabelle Vereecken said during a LinkedIn Live conversation with IAPP Vice President and Chief Knowledge Officer Caitlin Fennessy, CIPP, the EDPB’s decision to act had less to do with answering or creating questions than it did with providing consistency, clarity and legal certainty.

Parsing Through Potential Impacts Of EDPB Data Transfer Guidance

The European Data Protection Board’s new guidelines on the interplay between Article 3 and Chapter V of the EU General Data Protection Regulation answer the threshold question that underpins GDPR’s data transfer regime — what is a transfer? The answer comes across as straightforward, but the debate behind it and the implications of it are anything but. IAPP Vice President & Chief Knowledge Officer Caitlin Fennessy, CIPP/US, dives into the practical impacts and policy considerations stemming from the new guidance.

New Data Protection Standards for Adtech Companies Proposed by UK ICO, But Actual Changes Remain Questionable as Leadership Changes Hands

A new Commissioner’s Opinion issued by the UK’s Information Commissioner’s Office (ICO) reiterates the country’s data protection standards and lays out its vision of future regulation plans for ad tech companies, calling for solutions that are more privacy-focused and worthy of user trust.  The actual impact of this opinion on the country’s data protection standards is questionable given that it does not clearly indicate any new regulations for adtech; it simply implies that previously lax enforcement by ICO may be stepped up. This could depend greatly on the organization’s leadership, however, which is presently in flux. The opinion was issued by Elizabeth Denham, whose term as Information Commissioner comes to an end November 30 and whose replacement does not step in until January 2022.

India’s PDPB Set For Parliament’s Consideration

The Joint Parliamentary Committee (JPC) on November 22 adopted the draft report on the Personal Data Protection (PDP) Bill 2019, after almost two years of deliberations.  According to sources, the report will now be presented in the Winter Session of Parliament along with the PDP Bill 2019, for discussion.  The final meeting of the JPC included several MPs, including three Congress leaders, Jairam Ramesh, Gaurav Gogoi and Manish Tewari raising dissent. 

5 Steps to Comprehensive Privacy Compliance

While universally desired by individuals and enterprises alike, true privacy is nearly unobtainable. On a conceptual level, adhering to privacy may appear straightforward, but the logistical and technological challenges getting there are daunting. To holistically incorporate privacy into an organization, one has to take stock of the challenges that have historically impeded compliance efforts and continuously re-evaluate privacy strategies.

WhatsApp Pushes Privacy Update To Comply With Irish Ruling

WhatsApp is adding more details to its privacy policy and flagging that information for European users, after Irish regulators slapped the chat service with a record fine for breaching strict EU data privacy rules.  Starting Monday, WhatsApp’s privacy policy will be reorganized to provide more information on the data it collects and how it’s used. The company said it’s also explaining in more detail how it protects data shared across borders for its global service and the legal foundations for processing the data.

Future proof your privacy program with WireWheel’s Trust Access and Consent Center to manage DSARs and consent and WireWheel’s Privacy Operations Manager for managing assessments.

Request a demo to learn more.

Suggested Blog Posts