Irish High Court dismisses legal bid by Facebook over EU-US data transfers computerweekly.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from computerweekly.com Daily Mail and Mail on Sunday newspapers.
Monday, May 17, 2021
On May 11, 2021, the European Parliament issued a press release requesting that the European Commission amend its draft decisions on UK adequacy to more closely align with EU court rulings and the opinion of the European Data Protection Board (“EDPB”). The request came after the Parliament’s Civil Liberties Committee (the “Committee”) passed a resolution evaluating the Commission’s approach regarding the adequacy of the UK’s data protection regime. The Members of European Parliament (“MEPs”) stated that if the Commission’s implementing decisions are adopted without amendment, transfers of personal data to the UK should be suspended when there is the potential for indiscriminate access to personal data.
Facebook loses last-ditch attempt to derail DPC decision on its EU-US data flows
Facebook has failed in its bid to prevent its lead EU data protection regulator from pushing ahead with a decision on whether to order suspension of its EU-U.S. data flows.
The Irish High Court has just issued a ruling dismissing the company’s challenge to the Irish Data Protection Commission’s (DPC) procedures.
The case has huge potential operational significance for Facebook, which may be forced to store European users’ data locally if it’s ordered to stop taking their information to the U.S. for processing.
Friday, May 14, 2021
Is an outsourced call center a processor or controller under the GDPR?
A controller refers to the entity that determines the “purpose and means” of how personal data will be processed. Determining the “purpose” of processing refers to deciding why information will be processed. Determining the “means” of processing refers to deciding how information will be processed.
1 That does not necessarily mean, however, that a controller needs to make every decision about how processing will occur. The European Data Protection Board (EDPB) distinguishes between “essential means” and “non-essential means” of processing.
2 Essential means refers to those processing decisions that are closely linked to the purpose and the scope of processing and, therefore, are considered by the EDPB to be “traditionally and inherently reserved to the controller.”
Friday, May 14, 2021
Is a merchant’s bank a processor or controller under the GDPR?
A controller refers to the entity that determines the “purpose and means” of how personal data will be processed. Determining the “purpose” of processing refers to deciding why information will be processed. Determining the “means” of processing refers to deciding how information will be processed.1 That does not necessarily mean, however, that a controller needs to make every decision about how processing will occur. The European Data Protection Board (EDPB) distinguishes between “essential means” and “non-essential means” of processing.2 Essential means refers to those processing decisions that are closely linked to the purpose and the scope of processing and, therefore, are considered by the EDPB to be “traditionally and inherently reserved to the controller.”3 Non-essential means refers to processing decisions that are more practical, day-to-day, implementa