Skip to main content
Mamo TCV Advocates: New Data Protection Law Relating to Third Party rights
Data Protection and Privacy

New Law enables Third Parties to a Contract to benefit from Data Protection Rights

A recently published Legal Notice (204 of 2023) has created the “Enforcement of the Rights of Data Subjects in relation to Transfers of Personal Data to a Third Country or an International Organisation Regulations” (Subsidiary Legislation 586.12). This marks the first time that an entirely new subsidiary law has been enacted under the auspices of the Data Protection Act (Chapter 586 of the laws of Malta), since June 2018, shortly after the coming into force of the GDPR. S.L. 586.12 resolves a long-standing lacuna in the field of Maltese data protection law. The scope and purpose of this new law…
Mamo TCV Advocates
30th August 2023
The European Data Protection Board has issued its Opinion on the European Commission’s Draft Adequacy Decision which constitutes a new framework for transatlantic transfers of personal data.
Data Protection and PrivacyLegal Updates

The EDPB Issues Opinion on the New EU-U.S. Data Privacy Framework

On the 28th of February 2023, the European Data Protection Board (hereinafter referred to as the “EDPB”) issued its Opinion on the European Commission’s draft adequacy decision regarding the EU-U.S. Data Privacy Framework. Whilst acknowledging the significant improvements made to the Data Privacy Framework such as the improved new redress mechanism under the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities, the EDPB’s opinion also highlighted some issues of concern which had previously been raised so as to ensure that the new adequacy decision will be long-lasting. The principal issues of concern specifically relate to the data…
Mamo TCV Advocates
3rd March 2023
U.S. President Joe Biden has recently signed an Executive Order implementing the commitments made by the U.S. in the agreement reached with the EU concerning a new EU-U.S. data privacy framework.
Data Protection and Privacy

The New EU-US Personal Data Transfer Framework

The agreement on a new EU-U.S. data privacy framework between EU Commission President Ursula Von Der Leyen and U.S. President Joe Biden had already been announced on 25 March 2022 (for background, please refer to our previous article The EU-US Privacy Shield: Third Time’s a Charm? - Mamo TCV). However, the stability and longevity of the agreement was questioned by Austrian privacy activist Max Schrems who sent an open letter to stakeholders as a warning that the new framework risks being declared invalid, and consequently being struck down by the CJEU, should no reforms to U.S. law take place to…
EU Legislation
Data Protection and PrivacyLegal Updates

Deadline for Third Country Personal Data Transfers: EU Standard Contractual Clauses

On 27th June 2021, the European Commission unveiled the new set of EU Standard Contractual Causes (‘SCCs’) that are to be used in instances when personal data are to be transferred from the EU/EEA to a third country. These new SCCs replaced an older version and are now required in those instances where the old SCCs were being relied on, as opposed to other derogations that may be applicable, for any contract involving transfers of personal data to third countries, signed after the 27th September 2021. Meanwhile a transitory ‘grace’ period was granted to any contracts which already incorporated the…
Mamo TCV Advocates
31st October 2022
The EU Data Act – Not Another GDPR
Data Protection and Privacy

The EU Data Act – Not Another GDPR

On 23 February 2022, the EU Commission proposed measures regulating the use and access of data, not being ‘personal data’ as understood by the GDPR, within the European Union across all economic sectors. The regulation of the use of data is essential given that data continues to be generated yet underutilised. The draft Regulation is to be read in conjunction with the EU’s Data Governance Act. The aim of the Data Act is to lay down common standards on the re-use of data across sectors. In this manner, the Act operates together with other legislation that has failed to address…
Hacker stealing data
Data Protection and PrivacyWebinars

Mamo TCV Webinar │ The EU GDPR: Frequently Asked Questions

The EU GDPR (Regulation 2016/679/EU) came into effect across the EU on 25 May 2018. Many organisations in the EU, including Malta, have now implemented measures to comply with this important law. However, there are many questions that are asked on a regular basis. This webinar will: 1. Address frequently asked questions relating to the GDPR including: "Am I a Data Controller?" "Am I a Data Processor?" "Am I a Joint Data Controller with someone else?" “Do I always need ‘consent’ to process personal data?” "Do I always have to comply with a data subject access request under EU/Maltese law?"…
Mamo TCV Advocates
29th August 2022