According to a report by the news portal Politico, the White House will publish an executive order on transatlantic data transfers next week. The report is based on unofficial statements from the White House. This will be followed by a ratification process by the European Commission, which will take until
Inside IT published an interview with Adrian Lobsiger today, 9/28/2022, titled “Edöb: “If authorities only trust private expert opinions, they can get a bloody nose”. The lead of the article is as follows: The Federal Data Protection Commissioner criticizes law firms,
In view of the discussions currently underway, the Association for Corporate Data Protection (VUD) has published “FAQ on the use of cloud technologies”. The document is dated August 26, 2022 and is available here on the VUD website. The FAQ or the answers are available after
David Rosenthal has famously made available several forms that support risk assessments related to transfers of personal data abroad (see here for more on this). So far, they are the following forms, in logical order: Survey of Local Law with Reference to Lawful Access:
On July 13, 2022 (Case No. 1 VK 23/22), the Vergabekammer Baden-Württemberg (VK) issued a non-appealable decision that has made waves (see, for example, the successful bidder’s law firm, a discussion on Twitter, and Martin Steiger’s comment).
In a decision dated July 14, 2022, the Danish data protection supervisory authority, Datatilsynet, commented on the use of Google products by a municipality and in particular on the transfer to the USA: Decision in the Danish original German translation (DeepL, PDF) Background and prohibitions
According to media reports, the Irish data protection authority intends to prohibit the disclosure of data from Ireland to the USA within the Facebook group. It is said to have sent a draft of a corresponding decision to the other European data protection authorities for comment, in the procedure under Art. 60 GDPR.
After Austria (data protection authority) and France (CNIL), Italy (the Garante) also restricts the use of Google Analytics: Media release (EN) Decision (PDF, IT) Decision translated (PDF, DE) The Garante joins the decisions of Austria and France in the matter. First
On June 13, 2022, the FDPIC published an “Opinion on Suva’s data protection risk assessment on the Digital Workspace ‘M365′ project”, dated May 13, 2022. The document is available here together with a summary and with a response from Suva