There are only a few ‘legitimate’ ways to transfer personal data from the EU/EEA to a so-called ‘unsafe’ third country. In the last years – and especially since the Safe Harbor framework has been declared invalid by the European Court of Justice two years ago - almost all of those ways have been criticized. Will the Standard Contractual Clauses remain valid?
The European Data Protection Regulation is on its way; On 15 December 2015, the European Parliament, the Council and the Commission (so-called "trilogue") reached an agreement on the new data protection rules. The Privacy Europe information sheet on the European Data Protection Regulation gives you an overview and practical recommendations on how to deal with the new provisions.
The Information Commissioner’s Office (the ICO) has served an enforcement notice on Google Inc requiring it to delist nine specific search engine results within 35 days. This is the first formal enforcement notice served by the UK regulator on the US online giant in relation to a ‘right to be forgotten’ request, a right which is likely to become enshrined in the new data protection regulation currently under discussion.