On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-US Data Privacy Framework (“DPF”), the revamped transatlantic framework designed to support transfers of personal data from the EU to...more
7/19/2023
/ Adequacy Requirement ,
Binding Corporate Rules ,
Certification Requirements ,
Data Privacy ,
EU ,
Executive Orders ,
Framework Agreement ,
International Data Transfers ,
Personal Data ,
Privacy Framework ,
Standard Contractual Clauses ,
Switzerland ,
UK
On June 4, 2021, the European Commission (the “EC”) abolished the old Standard Contractual Clauses (the “Old SCCs”) and published a new more flexible set of clauses (the “New SCCs”) for companies that wish to export personal...more
On October 7, 2022, President Biden signed an Executive Order on “Enhancing Safeguards for United States Signals Intelligence Activities,” establishing new privacy safeguards and oversight mechanisms for foreign intelligence...more
10/10/2022
/ Administrative Review Board ,
Biden Administration ,
Civil Liberties ,
Court of Justice of the European Union (CJEU) ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Executive Orders ,
Foreign Intellgence ,
International Data Transfers ,
National Intelligence Agencies ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
Surveillance
The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more
8/27/2021
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Transfers ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Impact Assessments ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
Risks of non-compliance with the GDPR keep increasing with data protection authorities (DPAs) now ordering suspension of transfers of personal data to the U.S. In March, the Bavarian DPA found there was an unlawful transfer...more
On 21 April 2021, the European Commission unveiled a proposal for an EU Artificial Intelligence Regulation (“Proposal”). The Proposal recognizes that AI offers significant benefits and opportunities for the EU market, but...more
4/27/2021
/ Artificial Intelligence ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Distributors ,
EU ,
European Commission ,
Fines ,
Importers ,
Member State ,
Proposed Regulation ,
Recordkeeping Requirements ,
Registration Requirement ,
Regulatory Oversight ,
Transparency
Earlier this year, the European Data Protection Board (“EDPB”) issued additional guidance on the application of the General Data Protection Regulation (“GDPR”) in the area of scientific health research.
In key takeaways...more
3/5/2021
/ Consent ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Personal Data ,
Scientific Research