In July, Guernsey Partner Richard Field and Cayman Islands Counsel Peter Colegate examined the unprecedented challenges facing businesses in respect of data protection and cyber security in...
Data transfers are a staple to the global ecosystem of the digital services economy, despite this, the future of cross-border data transfers between Member States within the European Union ("EU")...
On the 7th of November 2019, the European Data Protection Supervisor ("EDPS") issued guidelines ("Guidelines") on the concepts of controller, processor and joint controllership under Regulation...
The Court of Justice of the European Union ("CJEU"), has today delivered the much-anticipated preliminary ruling in the Schrems II case.
The right to privacy may be a fundamental human right but it is not absolute.
The Court of Justice of the European Union (hereinafter ‘CJEU') has recently delivered two judgements which albeit addressing separate points of law, in practical terms are seemingly conflicting.
Official Abolishment of Notification Requirements, Third Country Data Transfers & New Regulations on Secondary Processing of Health Data.
The European Data Protection Board ("EDPB"), has just issued a consultation which aims to clarify and establish a common understanding of the notion of the terms "relevant and reasoned"...
The Maltese Office of the Information and Data Protection Commissioner ("IDPC") has issued a statement addressing the processing of personal data in the context of COVID-19.
The mechanism being set up is one of the requirements introduced by the 5th anti-money laundering Directive (EU 2018/ 843).
Camilleri Preziosi Advocates
Recent Guidelines issued by the EDPB hold that merely restating the provisions of Art. 28 GDPR within a Data Processing Agreement ("DPA") will no longer suffice insofar as compliance with the GDPR is concerned.
These issues have made payment service providers (PSPs) question which provisions they should apply if there is an inconsistency between the two, and if the GDPR should prevail over the PSD 2.
On the 16th of July 2020, the Court of Justice of the EU (CJEU) issued its much anticipated Schrems II judgement, whereby the CJEU invalidated the EU-US Privacy Shield...
Telcos, (fixed, mobile & internet services providers) generate huge amounts of data. Increasingly, law enforcement officers around the world seek such information from service providers for use in criminal and national security investigations.
Camilleri Preziosi Advocates
The Government of Malta is, thus far, set on opening schools come September.
Mamo TCV Advocates
Law is an ever-evolving social construct and remains effective only insofar as it can be updated in a timely manner to keep up with real-life developments.
United Arab Emirates
STA Law Firm
Dubai International Financial Center (DIFC), issued DIFC Law Number 5 of 2020, a new Data Protection Law ("DPL")
Five years after the Schrems I case, which resulted in the Safe Harbour decision being declared invalid, the Court of Justice of the European Union (CJEU) has once again taken a position on two...
The Office of the Data Protection Authority in Guernsey (ODPA) has warned companies in the Bailiwick to be aware of the recent Court of Justice of the European Union (CJEU) judgment which...
On 16 July 2020, the Court of Justice of the European Union (the "Court") published its much anticipated ruling in the Schrems II case in which it considered whether the transfer ...