CIPL Quarterly Reports
Message from President Bojana Bellamy
Following the invalidation of the Privacy Shield and the upholding of Standard Contractual Clauses as transfer mechanisms by the Court of Justice of the European Union in the Schrems II Decision, I’d like to first assure you that we at CIPL are considering all possible actions that we could undertake to help bridge regulatory and industry perspectives on the practical consequences of the ruling and next steps following the decision. We are committed to supporting you as you contend with the impacts of the decision.
As we continue to work digitally, I would like to highlight some of the key CIPL work streams and deliverables from the past few months. As a reminder, we’ve recently released our report on “What Good and Effective Data Privacy Accountability Looks Like: Mapping Organizations’ Practices to the CIPL Accountability Framework,” with which we are able to provide concrete evidence and success stories from organizations on how they implement, demonstrate and enforce privacy accountability. We’ve also presented this paper to global DPAs, regulators and policymakers in several virtual meetings following the release of our report.
As part of our AI work stream, we’ve recently responded to the EU Commission’s White Paper that seeks to propose an EU Regulatory approach to AI, and held two meetings with the EU Commission on its plans for AI and our response to their paper.
In the US, we held a successful virtual roundtable addressing “How will COVID-19 Change the US Federal Privacy Debate” with CIPL members, CIPL Global Strategy Advisor Terry McAuliffe, US FTC Commissioner Wilson and US Hill staffers. Following the roundtable, we developed a white paper on this topic together CIPL’s Senior Policy Advisor Professor Fred Cate.
In Brazil, we’re finalizing a white paper on the top implementation priorities for organizations under the new Brazilian privacy law (Lei Geral de Proteção de Dados Pessoais – LGPD), and preparing the next series of virtual meetings on key aspects of the law. This will come timely as the LGPD will soon become applicable. In addition, we’ve published a paper on “The Role of the Brazilian Data Protection Authority” (Autoridade Nacional de Proteção de Dados – ANPD) and organized a webinar on this topic. The webinar gained wide media attention due to the announcement by the Secretary-General of the Presidency of the Republic, who spoke at the webinar, that the decree to establish the ANPD was ready for publication – the decree was published on the week following our webinar.
Highlights from the January - March 2020 Quarterly Report include: