The revolution that the Internet has brought to the business world is undeniable, allowing information to be shared around the world in a matter of seconds. In fact, a large part of the services and business models that have arisen as a result of...
On 4th June 2021 the EU Commission published two sets of standard contractual clauses under the General Data Protection Regulation (“GDPR”): Standard contractual clauses for international data transfers (“new SCCs”), which is the much-awaited set of...
The same elements and techniques that power the socio-economic benefits of AI can also bring new risks and negative consequences for individuals or society. In response, on April 2021 the EU Commission has published a new draft AI Regulation which...
During its 48th Plenary Session, the European Data Protection Board (EDPB) adopted its two Opinions on the European Commission’s adequacy decisions on the UK. Although the EDPB acknowledges that there are key areas of strong alignment between...
The Court of Justice of the European Union (‘CJEU’) published, on 16 July 2020, its highly anticipated Judgment in the case known as ‘Schrems II’. This is the latest chapter in the Schrems case that also took down the former EU-US Safe Harbour...
Simply mentioning “artificial intelligence” already invokes dangerous robots destroying the world. Fortunately, reality shows that the current uses of this technology are definitely of a much more positive character. In fact, the...
“Consent” is one of the legitimate bases or legal grounds included in Article 6 of the EU General Data Protection Regulation (GDPR). The definition of consent is included in Article 4.11 of the GDPR as follows: Any freely given, specific, informed...
As explained in a previous post on legitimate basis, a data processing activity can only be lawful if it is based on one of the six situations established in Article 6.1 of the General Data Protection Regulation (GDPR or GDPR). Among them, Article 6...
UPDATE June 2021: The EU Commission has published new sets of Standard Contractual Clauses for international data transfers. Please note that the article below refers to the old ones and therefore is not relevant anymore. You can learn more on the...
Recital 39 of the General Data Protection Regulation (GDPR) states that any processing of personal data should be lawful and fair. Also, Recital 40 states that for processing to be lawful, personal data must be processed by the consent of the data...