While the authorities’ publications on AI have recently tended to be in the area of data protection (such as the EDPB, which we covered here and here), the European Commission has recently published its first set of [draft]...more
The European Commission today approved the long-awaited framework for data transfers to the United States. What is the decision about? Today's decision means that organisations subject to the GDPR can benefit from an adequacy...more
This is an update to our previous coverage of the Digital Services Act (“DSA”). The final text of Europe’s (EU) Digital Services Act (“DSA”) was recently approved by the Council of the EU Member States. That means that the...more
On June 4, 2021, the European Commission (the “Commission”) published its implementing Decision adopting standard contractual clauses for transfer of personal data to third countries (the “SCCs”) designed to comply with the...more
After more than a year of negotiations the final text of Europe’s (EU) Digital Services Act (“DSA”) has been agreed upon by the EU Parliament, the French Presidency of the Council of the EU, and the European Commission (“EU...more
The United States ("U.S.") and the European Commission ("EU Commission") recently announced an “agreement in principle” to develop a new Trans-Atlantic Data Privacy Framework (“Framework”). The Framework is intended to...more
On June 7, 2021, the European Commission (Commission) published its long-awaited Implementing Decision adopting standard contractual clauses for the transfer of personal data to third countries referred to as the new Standard...more
Orrick's Cyber, Privacy & Data Innovation and IP Licensing & Technology Transactions groups cover the top 10 things you need to know about the new Standard Contractual Clauses ("SCCs") published today by the European...more
6/7/2021
/ Corporate Counsel ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Model Clauses ,
Model Contracts ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK ,
UK ICO
Assessment List for Trustworthy Artificial Intelligence -
On July 17, 2020, the European High-Level Expert Group on Artificial Intelligence (“AI HLEG”) presented its final Assessment List for Trustworthy Artificial...more
8/20/2020
/ Artificial Intelligence ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Ethics ,
European Commission ,
Human Rights ,
Information Governance ,
Popular ,
Privacy Concerns ,
Regulatory Oversight ,
Small and Medium-Sized Enterprises (SMEs) ,
Sustainable Business Practices ,
Transparency
The European Court of Justice (CJEU) published its highly anticipated judgement in the case of Data Protection Commissioner Ireland v Facebook Ireland Limited, Maximillian Schrems, colloquially known as “Schrems 2.0”. There...more
7/17/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Safe Harbors ,
Standard Contractual Clauses
As of, August 1st, 2016, U.S. companies can now join the Safe Harbor successor EU-U.S. Privacy Shield (the “Privacy Shield”) for personal data transfers from the EU to the U.S.
This post gives a high level summary of...more
8/2/2016
/ Certification Requirements ,
Data Protection ,
Data-Sharing ,
Department of Transportation (DOT) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Interstate Commerce ,
Personal Data ,
Self-Certification ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
After receiving the approval of the EU Member States, through the Article 31 Committee, last Friday, the European Commission has today, July 12th, 2016, formally adopted the Adequacy Decision necessary to implement the...more
While EU regulators determine whether to adopt a new agreement for transfers of personal data from Europe to the United States to replace the invalid EU-U.S. Safe Harbor Framework, German data protection authorities have not...more
5/11/2016
/ Corporate Counsel ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
European Commission ,
Germany ,
International Data Transfers ,
Personal Data ,
Popular ,
US-EU Safe Harbor Framework
Bad news for companies relying on transatlantic data flows as, once again, the transfer of personal data from Europe to the United States is called into question by the Article 29 Working Party (the “Working Party”), an...more
On 29 February 2016 the European Commission issued the legal texts of the EU-U.S Privacy Shield which aims to replace the defunct EU-U.S Safe Harbor Framework as a legitimate mechanism for transferring personal data from the...more
Yesterday, German federal and state (Länder) data protection authorities ("DPAs") issued a Position Paper following the recent Court of Justice of the European Union ("CJEU") ruling that struck down the EU-US Safe Harbor...more
10/27/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Cloud Computing ,
Cybersecurity ,
Data Privacy ,
Data Protection Authority ,
European Commission ,
European Court of Justice (ECJ) ,
Germany ,
International Data Transfers ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
US-EU Safe Harbor Framework
The European Court of Justice’s (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
10/20/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Compliance ,
Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
The European Court of Justice's (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Thousands of U.S. and European companies who rely on the EU–US Safe Harbor Framework to permit the transfer of personal data from the EU to the U.S., have come a step closer to seeing the transfer mechanism struck down....more
10/1/2015
/ Advocate General ,
Cloud Computing ,
Compliance ,
Cross-Border ,
Data Loss Prevention ,
Data Protection ,
Data Security ,
Data Transfers ,
Dispute Resolution ,
Edward Snowden ,
Email ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Economic Area (EEA) ,
International Data Transfers ,
Personal Data ,
Safe Harbors ,
US-EU Safe Harbor Framework