Categories
Articles

Schrems II: SCCs plus… what?

The recent Schrems II decision on Standard Contractual Clauses found that, in some situations, data exporters and importers might need to agree additional measures beyond just relying on SCCs. While we’re waiting for the Information Commissioner and EDPB to give more detailed advice on which situations and which measures, here are some themes I’ve spotted […]

Categories
Articles

ECJ invalidates Privacy Shield; Model Clauses valid but may not be sufficient

[UPDATE 27/7/20: the ICO has now published a statement on the decision] On July 16th 2020, the European Court of Justice made its long-awaited decision in the case of Data Protection Commissioner [Ireland] v Facebook Ireland Ltd and Maximillian Schrems, generally known as “Schrems II”. This concerned two of the GDPR’s mechanisms for transferring personal […]

Categories
Presentations

Data and the return to campus

[Update: a recording of my talk is now available] When I submitted my proposal for a talk at the EUNIS 2020 conference, I was planning to talk about the need to work with staff and students to agree why and how to use intelligent campus sensors and data. That was intended to be looking into […]

Categories
Articles

New Presidency: new ePrivacy progress?

It seems a long time since I wrote about the ePrivacy Regulation. This was supposed to come into force alongside the GDPR, back in May 2018, and provide specific guidance on its application to the communications sector. You may remember it as “Cookie law”, though it was never just that. Unfortunately its scope grew and, […]

Categories
Articles

AI: Don’t Stare

An interesting virtual water-cooler discussion with colleagues who are exploring the potential of AI as a Service. They tested a selection of easily available cloud face-processing systems on a recording of one of our internal Zoom meetings, and were startled by the results. Face identification wasn’t a surprise: everyone who has changed the background on […]