Based on the GDPR, data controllers have several obligations, such as maintaining the records of data processing or in case of joint controllers, entering into an agreement which determines their respective responsibilities for compliance with their data protection related obligations. In a recent case, the Court of Justice of the European Unio (‘CJEU’) needed to decide on the issue whether the non-compliance with these obligations constitutes unlawful processing resulting in the duty to erase the personal data of the data subject.

In the long-awaited aftermath of the havoc caused by the CJEU’s decision (adopted in 2020 in the famous Schrems II case) to invalidate the previously existing EU-US Privacy Shield Framework, the European Commission adopted the adequacy decision promoting the new EU-US Data Privacy Framework (the “Framework”) on 10 July 2023.

On 10 July 2023, the European Commission adopted an adequacy decision for a lawful data transfer from the EU to the USA for the third time. This means that personal data may again be lawfully transferred to the US. This will facilitate the use of US service providers for EU companies.

Smart grids are rapidly becoming the backbone of modern electricity networks. The integration of digital communication and control technologies enables smart grids to optimize electricity generation, distribution, and consumption. However, the increased use of digital technologies and the massive amounts of data generated also raises serious concerns about data security. This article will explore the data security concerns around smart grids.

On July 4, the EU Commission introduced a new Procedural Regulation aimed at enhancing cooperation among data protection authorities (“DPAs“) when enforcing the General Data Protection Regulation (“GDPR“) in cross-border cases.

The BBR Bank has appointed Cvjeticanin & Partners Partner Nenad Cvjeticanin as its data representative for Serbia.