Data Protection Weekly 28/2022

Jul 15, 2022

European Union

EDPB releases opinion on EU Member States- Russia Data Transfers

The EDPB published on 12 July 2022, an opinion on data transfers between EU members states and Russia.

In its opinion, the EDPB reminds that following sanctions related to its invasion of Ukraine, Russia is « no longer a contracting party » to EU legal framework and therefore, data transfers with russian companies can only occur using the transfer instruments provided in chapter V of the GDPR.

You can read the opinion, here.


EDPS warns about potential EU-UK adequacy issues

According to the EDPS, Wojciech Wiewiórowski, the current UK data protection reform could affect the adequacy decision.

You can read an article, on the subject here.


National Authorities

UK: ICO publishes its strategic plan 2022-2025

The ICO has unveiled on 14 July 2022, its strategic plan 2022-2025.

It focus on children’s privacy, discriminatory impacts and algorithmic bias of AI and malicious telemarketing.

The ICO intends to publish more guidance ressources and some privacy-by-design templates. A moderated compliance discussion platform will also be deployed.

You can read the press release, here.



Greece: The Hellenic Data Protection Autority fined Clearview AI 20M€

The Hellenic Data Protection Authority fined Clearview AI 20 million euros for GDPR violations, and banned the facial recognition company from collecting and processing Greeks’ personal data. It also ordered Clearview AI to delete any data already collected.

You can read the decision, only available in Greek, here.