Arbitration—data protection and GDPR considerations
Produced in partnership with Charlie Morgan of Herbert Smith Freehills
Arbitration—data protection and GDPR considerations

The following Arbitration practice note produced in partnership with Charlie Morgan of Herbert Smith Freehills provides comprehensive and up to date legal information covering:

  • Arbitration—data protection and GDPR considerations
  • Background to GDPR regimes and DPA 2018
  • Article 29 Working Party guidance
  • Information Commissioner's Office (ICO) guidance
  • The ICCA-IBA Roadmap to Data Protection in International Arbitration
  • Scope and territorial reach of the UK GDPR
  • What constitutes personal data?
  • What constitutes ‘processing’ personal data in arbitration proceedings?
  • Identifying controllers and processors
  • Joint controllers
  • More...

STOP PRESS: The International Court of Arbitration of the International Chamber of Commerce (ICC) has released updates to its ‘Note to Parties and Arbitral Tribunals on the Conduct of Arbitration under the ICC Rules of Arbitration’ (the ICC Note). The revised ICC Note took effect on 1 January 2021 to coincide with the entry into force of the 2021 ICC Arbitration Rules (2021 ICC Rules). The ICC Note was last updated in 2019 and the updated version will apply to all ICC arbitrations regardless of the version of the ICC Arbitration Rules apply in a particular case. For further information on the 2021 ICC Note, see News Analysis: Updates to ICC Note released to reflect 2021 ICC Rules and on ICC arbitration proceedings more generally, see: ICC arbitration—overview.

On 31 January 2020, the UK ceased to be a member of the EU and EEA. This Practice Note introduces:

  1. the General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) regime (applicable under UK law until the end of the Brexit implementation period (11 pm UK time on 31 December 2020) and remaining applicable in the EEA—any references to EEA or EU states in this Practice Note should therefore be read to also include the UK until the end of that implementation period), and

  2. the Retained General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR) regime (applicable

Related documents:

Popular documents