EU law meets state communications surveillance – what consequences for UK data protection adequacy?

Written By

graham smith module
Graham Smith

Of Counsel
UK

Insightful advice from one of the UK's leading internet and IT lawyers.

In July 2020 the CJEU Schrems II judgment invalidated the EU-US Privacy Shield under the provisions of EU data protection law governing transfers of data to third countries.

The CJEU decided that, in the light of US state communications surveillance powers, the Privacy Shield arrangements did not adequately protect EU personal data. Now, hard on the heels of Schrems II, have come the 6 October 2020 CJEU judgments in C-623/17 Privacy International and C-511-512/18 La Quadrature du Net (the latter joined with C-520/18 Ordre des barreax francophones et Germanophone). These new judgments address compliance with EU law of various UK, French and Belgian communications data retention and surveillance powers.

View the full article on digitalbusiness.law >

Latest insights

More Insights
Curiosity line green background

China Cybersecurity and Data Protection: Monthly Update - March 2025 Issue

Mar 27 2025

Read More
featured image

The evolution of the concept of personal data: Are we entering the era of relative personal data?

16 minutes Mar 21 2025

Read More
Curiosity line yellow background

China TMT: Bi-monthly Update - January and February 2025 Issue

Mar 21 2025

Read More