The European Commission published a proposal for a Cyber Resilience Act on 15 September 2022 (the ‘Regulation’), which aims to:

  • ensure that cyber security is considered during the development of hardware and software products and is continuously improved throughout that product’s life cycle; and
  • improve transparency so that users can take cybersecurity into account when selecting and using a product with digital elements.


Continue Reading EU Commission proposes Cyber Resilience Act to bolster the EU’s cyber security rules.

Today the European Commission issued the new and long-awaited Standard Contractual Clauses, available here (SCCs). These new SCCs contain updates for the GDPR, and replace the three sets of SCCs that were adopted under the previous Data Protection Directive. The SCCs released today include the following modules:

  • Controller to controller transfers,
  • Controller to processor transfers,
  • Processor to processor transfers, and
  • Processor to controller transfers.

The draft SCCs had been open to consultation in December of 2020 (more on our previous blog here). The final drafts issued today will come into effect 20 days after publication on the Official Journal of the European Union, which should be sometime between the 25th and 30th of June 2021.
Continue Reading European Commission issues New Standard Clauses for data transfers outside the EEA: Act within 18 months

The EU Commission recently launched a Public consultation on Building the European data economy. The objective behind the consultation is to feed into the Commission’s future policy agenda on the European data economy in 2017.

The data economy

In its Communication entitled “Building a European Data Economy,” the Commission has re-identified (from its 2012 Communication) the need to upgrade the EU’s legal regarding the trade of data.
Continue Reading Building the EU data economy: time for an upgrade?