EU law meets state communications surveillance – what consequences for UK data protection adequacy?

Published

Nov 30 2020

Written By

Graham Smith

Of Counsel
UK

Insightful advice from one of the UK's leading internet and IT lawyers.

In July 2020 the CJEU Schrems II judgment invalidated the EU-US Privacy Shield under the provisions of EU data protection law governing transfers of data to third countries.

The CJEU decided that, in the light of US state communications surveillance powers, the Privacy Shield arrangements did not adequately protect EU personal data. Now, hard on the heels of Schrems II, have come the 6 October 2020 CJEU judgments in C-623/17 Privacy International and C-511-512/18 La Quadrature du Net (the latter joined with C-520/18 Ordre des barreax francophones et Germanophone). These new judgments address compliance with EU law of various UK, French and Belgian communications data retention and surveillance powers.

View the full article on digitalbusiness.law >