In this paper, authors aim to help overcome a perceived paradox (and attendant tensions) between the two objectives of innovation and privacy/data protection, in particular in relation to data scenarios where organisations are open to personal data they control to be reused (internally within their corporate group, or externally via a third party) for innovative purposes. They argue that to do this requires better defining key notions in data protection law, acknowledging the interdependence of data protection requirements or principles, and relying upon ongoing data management processes in order to control complex data environments. These are the pillars of a dynamic approach to data protection law.
EDPB Approves Six-Month Extension for UK Data Protection Adequacy
The EDPB supports a six-month extension of the UK GDPR adequacy decisions until December 2025 while awaiting the UK’s data […]