Cross-Border Data Transfers

Subscribe to Cross-Border Data Transfers

Final Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021

By Benjamin Haley, Dan Cooper, Deon Govender, Ahmed Mokdad, Shivani Naidoo & Kgabo Mashalane on June 1, 2021

Posted in Cross-Border Data Transfers, Data Privacy, Internet of Things (IoT), Privacy & Data Security

In Episode 12 of our Inside Privacy Audiocast, together with special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa, we discussed the Information Regulator’s mandate and the implementation of data protection legislation in South Africa. Now, with less than a month to go before South Africa’s Protection of Personal Information Act, 2013 (“POPIA”) takes full effect on July 1, 2021, it is critical for organizations operating in South Africa to ensure that they are ready, if and when the Information Regulator comes knocking.

It is only when organizations start their POPIA journey that they realize just how wide the POPIA net is cast, and that very few businesses fall outside of its reach. The road to POPIA compliance should be viewed as a marathon, and not a sprint. While implementing and maintaining an effective POPIA compliance program will take continued effort and resources well beyond the July 1, 2021 go-live date, here we outline five steps to which companies subject to POPIA should give their attention in the short term.

…
Continue Reading Final Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021

EDPB adopts recommendations on international data transfers following Schrems II decision

By Dan Cooper, Lisa Peets, Marty Hansen & Sam Jungyun Choi on November 12, 2020

Posted in Cross-Border Data Transfers, European Data Protection Board, General Data Protection Regulation, Privacy & Data Security

On 11 November 2020, the European Data Protection Board (“EDPB”) issued two draft recommendations relating to the rules on how organizations may lawfully transfer personal data from the EU to countries outside the EU (“third countries”). These draft recommendations, which are non-final and open for public consultation until 30 November 2020, follow the EU Court of Justice (“CJEU”) decision in Case C-311/18 (“Schrems II”). (For a more in-depth summary of the CJEU decision, please see our blog post here and our audiocast here. The EDPB also published on 24 July 2020 FAQs on the Schrems II decision here).

The two recommendations adopted by the EDPB are:

Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data (“Draft Recommendations on Supplementary Measures”); and
Recommendations 02/2020 on the European Essential Guarantees for surveillance measures (“Recommendations on EEG”).

…
Continue Reading EDPB adopts recommendations on international data transfers following Schrems II decision

Privacy Shield Ombudsperson Confirmed by the Senate

By Mark Young & Sam Jungyun Choi on June 25, 2019

Posted in Congress, Cross-Border Data Transfers, European Union

On June 20, 2019, Keith Krach was confirmed by the U.S. Senate to become the Trump administration’s first permanent Privacy Shield Ombudsperson at the State Department. The role of the Privacy Shield Ombudsperson is to act as an additional redress avenue for all EU data subjects whose data is transferred from the EU or Switzerland to the U.S. under the EU-U.S. and the Swiss-U.S. Privacy Shield Framework, respectively.
…
Continue Reading Privacy Shield Ombudsperson Confirmed by the Senate

Inside Tech Media

Cross-Border Data Transfers

Final Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021

Privacy Shield Ombudsperson Confirmed by the Senate

About this Blog