EU law meets state communications surveillance – what consequences for UK data protection adequacy?

Written By

graham smith module
Graham Smith

Of Counsel
UK

Insightful advice from one of the UK's leading internet and IT lawyers.

In July 2020 the CJEU Schrems II judgment invalidated the EU-US Privacy Shield under the provisions of EU data protection law governing transfers of data to third countries.

The CJEU decided that, in the light of US state communications surveillance powers, the Privacy Shield arrangements did not adequately protect EU personal data. Now, hard on the heels of Schrems II, have come the 6 October 2020 CJEU judgments in C-623/17 Privacy International and C-511-512/18 La Quadrature du Net (the latter joined with C-520/18 Ordre des barreax francophones et Germanophone). These new judgments address compliance with EU law of various UK, French and Belgian communications data retention and surveillance powers.

View the full article on digitalbusiness.law >

Latest insights

More Insights
featured image

Report of Trade Mark Cases For the CIPA Journal May 2025

1 minute Jul 04 2025

Read More
Curiosity line teal background

China Cybersecurity and Data Protection: Monthly Update - June 2025 Issue

Jul 02 2025

Read More
Security camera on blue background

NATO Summit 2025: What It Means for Defence Procurement and Tech Stakeholders

Jun 30 2025

Read More