The GDPR’s ripple effect everywhere

When Laura Linkomies, PL&B Reports Editor, and I attended the CPDP Conference in Brussels in late January, Laura chaired a session on EU adequacy and I chaired a session on data breaches.

At dinner in Brussels with Eduardo Bertoni, Argentina’s DP Commissioner (National Director, Access to Public Information Agency) we discovered that the review of Argentina's EU adequacy status is already underway (p.17 and S4). During his visit to Brussels, Mr Bertoni took the opportunity to visit the relevant staff at the European Commission to begin the process. Also present at the dinner were the top national experts, PL&B International Report correspondents and PL&B conference speakers: Danilo Doneda from Brazil (p.14 and S5) and Ana Brian Nougrères from Uruguay (p.16 and S13).

Eduardo Bertoni, Danilo Doneda, and Bruno Gencarelli, Head, International Data Transfers and Protection Unit, European Commission have agreed to speak at GDPR’s influence ripples around the world, PL&B’s 32nd Annual International Conference, 1-3 July at St. John’s College, Cambridge. Names and sessions of 45 speakers from 16 jurisdictions are confirmed to date.

EU-Japan mutual adequacy agreement

I also met at the conference Hiroshi Miyashita, Associate Professor, Chuo University, Tokyo. When discussing the recently adopted EU-Japan mutual adequacy agreement, announced on 23 January, he told me that Japan’s own review of its data protection law had already begun. The aim is that Japan’s new law will be strengthened to become “more adequate” in time for the next EU-Japan review (p.12, p.18 and S8), as he explains in this edition. This 32nd Anniversary edition, as always, brings you authoritative reports by leading experts in this ever developing field. The GDPR’s ripple effect is also evident in countries as far apart as Brazil and South Korea (p.17 and S8), as we will learn in Cambridge.

Such meetings with the main actors bring to life the vast canvas of the tables of 132 data privacy laws and 28 bills around the world (see the supplement), prepared by Professor Graham Greenleaf, our Asia-Pacific Editor. This is the 6th edition of these tables which started in 2011. His authoritative commentaries (pp.14-20) provide analysis and context to this world leading feature often referenced by the United Nations, Council of Europe, European Commission, European Data Protection Supervisor, OECD, national policy makers and Data Protection Authorities (reference 5 p.17).

By the time we publish the April edition of PL&B International Report, we should have a clearer idea of the data protection law implications of Brexit (pp. 26 and 27) a subject on which I have written to the UK’s Prime Minister, and which we cover fully in PL&B United Kingdom Report.

3 PL&B Conferences ahead

The PL&B annual conference early discount registration period runs until 15 April, by which time the conference programme will have taken shape. Places are already going fast at this early stage.

In addition, we have now announced Privacy Laws & Business’s:

  • Ireland conference in Dublin on 8-9 May in association with law firm McCann FitzGerald and with three speakers from Ireland’s Data Protection Commission: the Commissioner; Solicitor; and Head of the Special Investigations Unit, and
  • our next Asia Conference in London on 30 October in association with law firm Linklaters, where the speakers will be Professor Graham Greenleaf and Adrian Fisher, Partner and Head of the Privacy Practice, Linklaters, Singapore.

Laura and I always welcome your comments and questions and look forward to meeting you at one or more of these events.


Stewart Dresner, Publisher

International Report 157

Lead story:

Belgium: GDPR implementing Act enters into force

Laura Brodahl, Laura De Boel and Cédric Burton of Wilson Sonsini Goodrich & Rosati analyse the specifics of the law.

Contents also include:

  • Comment: GDPR: The global benchmark
  • FEDMA voices its concerns about e-Privacy draft regulation
  • CNIL fines Google €50 million
  • GDPR extraterritorial reach: Conflict with international law?
  • Japan to issue further data protection legislation
  • Global data privacy laws 2019: 132 national laws and many bills
  • Global data privacy laws: New eras for international standards
  • New Zealand’s Privacy Bill
  • Data protection bills in Kenya, Uganda, Tanzania and Zambia
  • 59,000 data breaches reported across Europe
  • Mutual EU-Japan adequacy
  • EU-US Privacy Shield continues
  • Facebook accused of “exploitative abuse”
  • EDPB adopts more DPIA lists
  • Singapore’s DPA issues large fines
  • Ireland advises on Brexit ‘no deal’ implications
  • EU Advocate General: Right to be Forgotten is limited to EU
  • Doctor has ‘Right to be Forgotten’
  • EDPB advises on Brexit impact on data transfers and BCRs