Rachel Claire Kurzweil on International Data Transfers

DIFC Issues Landmark Adequacy Decision Regarding the California Consumer Privacy Act

On August 7, 2023, the Commissioner of Data Protection of the Dubai International Financial Centre (the DIFC), a financial free-zone in the United Arab Emirates, issued the first adequacy decision regarding the California...more

8/18/2023 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Management , Data Privacy , Data Protection , Dubai , Information Governance , International Data Transfers , Personal Data , United Arab Emirates (UAE)

Significant Impact on Personal Data Transfers Due to the New Standard Contractual Clauses and Final Guidance on Supplementary...

On September 27, 2021, all new contracts that involve cross-border personal data transfers must incorporate the updated standard contractual clauses (“New SCCs”) for controllers and processors. On June 4, 2021, the European...more

9/29/2021 / Court of Justice of the European Union (CJEU) , Cybersecurity , Data Protection , EU , European Data Protection Board (EDPB) , European Economic Area (EEA) , General Data Protection Regulation (GDPR) , International Data Transfers , Standard Contractual Clauses

Cross-Border Personal Data Transfers: Proposed New SCCs Impose Significant Restrictions on Businesses

The European Commission recently published two highly anticipated draft documents to facilitate data transfers. The first was the new, updated and modernised standard contractual clauses (“New SCCs”) for the transfer of...more

1/26/2021 / EU , European Commission , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data , Schrems I & Schrems II , Standard Contractual Clauses

Draft Guidance on Supplementary Measures for Cross-Border Personal Data Transfers

On November 10, 2020, the recently established Taskforce of the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area (EEA),...more

12/14/2020 / Court of Justice of the European Union (CJEU) , Cybersecurity , Data Protection , EU , European Data Protection Board (EDPB) , European Economic Area (EEA) , General Data Protection Regulation (GDPR) , International Data Transfers , Schrems I & Schrems II , Standard Contractual Clauses

New DIFC Data Protection Law in Force - What You Need to Know

On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more

Court of Justice of the European Union Rules Privacy Shield Invalid and Standard Contractual Clauses Can Remain But Only in...

On July 16, 2020, the Grand Chamber of the Court of Justice of the European Union (CJEU) in Luxembourg handed down its highly anticipated judgment in a case brought by privacy activist Max Schrems (C-311/18, Data Protection...more

7/20/2020 / Court of Justice of the European Union (CJEU) , Data Controller , Data Processors , Data Protection , EU , EU-US Privacy Shield , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data , Safe Harbors , Standard Contractual Clauses

Major Boost for Standard Contractual Clauses Challenged by the Schrems 2.0 Case, but More Uncertainty for the Privacy Shield

We reported in July 2019 that the Court of Justice of the European Union (CJEU) heard a case brought by privacy-rights activist Max Schrems, challenging the validity of Standard Contractual Clauses (SCCs), which are widely...more

12/24/2019 / Advocate General , Binding Corporate Rules , Court of Justice of the European Union (CJEU) , Data Privacy , Data Protection , Data Subjects Rights , EU , EU-US Privacy Shield , European Commission , International Data Transfers , National Security , Personal Data , Privacy Laws , Standard Contractual Clauses , US-EU Safe Harbor Framework

The case of Schrems 2.0 – the challenge to Standard Contractual Clauses allowing personal data transfer outside the European Union

On 9 July 2019, the Court of Justice of the European Union (CJEU) in Luxembourg heard a case brought by privacy-rights activist Max Schrems (C-311/18, Data Protection Commissioner v Facebook Ireland Limited, Maximilliam...more

7/11/2019 / Article 29 Working Party (WP29) , Binding Corporate Rules , Court of Justice of the European Union (CJEU) , EU , EU-US Privacy Shield , International Data Transfers , Personal Data , Safe Harbors , Schrems I & Schrems II , Standard Contractual Clauses

Proposed Guidance on the Extraterritorial Scope of the GDPR

The EU General Data Protection Regulation (GDPR), which revised and sought to ensure greater harmonization of the European Union’s data protection framework, took effect in May 2018. Among the changes it introduced was the...more

2/21/2019 / Cybersecurity , Data Controller , Data Privacy , Data Processors , Data Protection , Data Security , Data Subjects Rights , EU , Extraterritoriality Rules , General Data Protection Regulation (GDPR) , Goods or Services , International Data Transfers , Proposed Guidance

Non-profit Activists’ Strategic Pursuit of Alleged GDPR Violations Spurs Compliance Developments

• Non-profit organizations are testing companies’ GDPR compliance through targeted requests for information and other means and are filing complaints against allegedly non-compliant companies. • Main areas for non-profit...more

1/28/2019 / Australia , CNIL , Cybersecurity , Data Collection , Data Protection , EU , EU-US Privacy Shield , General Data Protection Regulation (GDPR) , Google , International Data Transfers , Nonprofits , Personal Data , Popular , Request For Information

Rachel Claire Kurzweil

Akin Gump Strauss Hauer & Feld LLP

Popular Topics by This Author

Latest Posts › International Data Transfers