News

Post Schrems II decision – what to do next to manage data transfers outside the EU

Kate Colleary September 15, 2020

Organisations that wish to transfer the personal data of Europeans to jurisdictions outside the EEA must use an appropriate transfer mechanism to transfer the data lawfully. For example, let’s take a company based in the US that provides accounting software to Customers in the EU. These EU Customers are likely to be Data Controllers as in they are responsible for the data they collect and process relating to their clients. The US company is likely to be a Data Processor in respect of the personal data transferred by those Customers. As the EU-based Customers are essentially transferring data from the

The New EU Data Protection Regime: Setting Global Standards for the Right to Personal Data Protection

Kate Colleary July 23, 2020

Our founder and director Kate Colleary co-authored this paper with Emily Gibson and Anna Morgan. It was due to be presented at the annual European judges conference in The Hague this summer but Coronavirus prevented that. Click here to view the publication.

Join our Founder & Director Kate Colleary at #IAPPSummitSessions!

Kate Colleary June 26, 2020

Join our founder & director Kate Colleary at #IAPPSummitSessions with IAPP – International Association of Privacy Professionals! Click here – https://iapp.org/conference/virtual-sessions/summit-sessions/

COVID – 19 in the Workplace – Employment and Data Protection

Kate Colleary March 18, 2020

FAQ in Employment and Data Protection Employment Law firm, CC Solicitors, and data protection experts, Pembroke Privacy, have come together to provide urgent advice and support for our clients onemployment and data protection issues in the workplace arising from COVID – 19. This FAQ highlights some of the type of questions we have been recently asked. Table of contents What immediate steps should be taken? What should employers do when there is a suspected case of the virus? What if an employee cannot attend work because they have to self-isolate because of COVID – 19? The schools and childcare facilities

DPC Annual Report 2019 – Analysis and Commentary

Kate Colleary February 25, 2020

This week (on 20 February 2020) the Data Protection Commission launched its annual report for 2019. The report highlights the activities of the Data Protection Commission (DPC) in the past year, the first full year since the GDPR commenced. Some highlights of interest include topics such as complaints made, Data Subject Access Requests, direct marketing activities, data breaches, statutory enquiries, cookies, consultations, Data Protection Officers, case studies and litigation. Some highlights and points to note on the report are as follows: Complaints A total of 7215 complaints were received by the DPC in 2019. Access Requests was the highest complaint-type

Preparing for International Data Protection Day 2020 – Dublin, Ireland

Kate Colleary January 27, 2020

Last week was been a busy one, with privacy pros preparing for this week’s international Data Protection Day. Here in Dublin, we are looking forward to welcoming IAPP CEO J. Trevor Hughes to celebrate the most important day in the international privacy and data protection calendar. We are hoping Trevor will experience a true Irish “céad míle fáilte” (a hundred thousand welcomes). We have a packed schedule for this week, with meetings, lunches, dinners and podcasts planned. You can read more here.

Schrems II Opinion issued by the Advocate General of the Court of Justice of the EU

Kate Colleary December 19, 2019

In today’s opinion, delivered by Advocate General Henrik General Saugmandsgaard Øe of the Court of Justice of the EU, Standard Contractual Clauses (SCCs) have been declared valid. SCCs are a mechanism used to transfer personal data outside the EEA where the country to which the data is being sent does not have an adequate level of protection for personal data. Where a controller wishes to transfer personal data to a country outside the EEA, it must comply with one of a number of mechanisms to ensure the protection of that data. One of those mechanisms is a system whereby the controller

“C” is for Cookie and Consent

Kate Colleary November 15, 2019

What are Cookies? Cookies are small text files that are placed by website operators on to the devices of website users. They gather information about the device and send that information back to the website operator. Their functions are varied. They allow a website operator to provide services, identify particular devices, understand website user preferences and so on. Cookies are also used to facilitate targeted advertising. Necessary & unnecessary Cookies A distinction is made between necessary and unnecessary cookies. Necessary cookies are used to transmit communications or to allow website operators to run their websites smoothly and provide services to

Health Research Regulations in Ireland

Kate Colleary July 9, 2019

It’s a busy time for privacy pros in the healthcare sector in Ireland at the moment. They are working hard to not just comply with GDPR but also to roll out a new framework when processing data for health research. The Irish Government’s Health Research Regulations 2018 apply in addition to the GDPR and the Data Protection Act 2018; so organisations are now creating processes to ensure that they comply with all regimes, in addition to any other regulations relating to health research/clinical trials (including the Clinical Trials Regulation (EU Regulation 536/2014) due to commence in 2020). In summary, the