EU: EDPB announces 31st plenary session outcome
The European Data Protection Board ('EDPB') announced, on 10 June 2020, the outcome of its 31st plenary session. In particular, the EDPB outlined that it had decided to establish a task-force to coordinate potential actions and to acquire a more comprehensive overview of TikTok Inc.'s processing and practices across the EU. Specifically, the EDPB recalls that the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') applies to the processing of personal data by a controller, even if it is not established in the EU, where the processing activities are related to the offering of goods or services to data subjects in the EU.
In addition, the EDPB adopted a letter ('the Clearview AI Letter') in relation to the use of Clearview AI, Inc. by law enforcement authorities, highlighting that it has doubts as to whether any EU or Member State law provides a legal basis for using a service such as the one offered by Clearview AI, and that, without prejudice to further analysis, it is therefore of the opinion that the use of a service such as Clearview AI by law enforcement authorities in the EU would likely not be consistent with the EU data protection regime.
Moreover, the EDPB stated that, in response to a letter from the European Union Agency for Cybersecurity ('ENISA') requesting the nomination of a representative to the ENISA Advisory group, it had appointed Gwendal Le Grand, Deputy Secretary-General of the French data protection authority ('CNIL'), as representative.
Lastly, the EDPB published a response letter ('the NOYB Letter') to an open letter by None of your business ('NOYB') in relation to cooperation between the supervisory authorities and the consistency procedures.
UPDATE (12 June 2020)
EDPB publishes letter on Clearview AI use by law enforcement authorities
The EDPB published, on 10 June 2020, the Clearview AI Letter.
You can read the Clearview AI letter here.