Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
In politically uncertain times, is your organisation’s data transfer compliance unquestionable? The EU-U.S. Data Privacy Framework (DPF) serves as a useful mechanism for transatlantic data transfers, and it can assist...more
The Federal Trade Commission (FTC) has a long-standing habit of creating legal obligations through blog posts. Recent communications from the FTC by way of its Office of Technology Blog evidence an aggressive expectation...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
The European Commission published a very significant adequacy decision last week, which is expected to facilitate transfers of personal information from Europe to the United States. The decision came as part of the...more
Swiftly on the heels of the U.S. announcing it fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the Framework), the European Commission (the EC) formally recognized that commercial organizations...more
On July 10, 2023, the European Commission (“EC”) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). Nearly three years after the Court of Justice of the European Union (“CJEU”)...more
On July 10, 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (“Adequacy Decision”). This ends a three-year journey to set up a successor to the EU-U.S. Privacy...more
After the recent Court of Justice of the European Union decision on sensitive inferences that can be drawn from the name of your spouse, it is fair to ask: Is everything sensitive data (special category data)?...more
Generally, contact tracing refers to an effort by public health officials to identify individuals with whom a patient who has tested positive for an infectious disease has been in close proximity. Public health officials will...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
On July 7, the Court of Justice of the European Union (ECJ) invalidated the EU-US Privacy Shield framework in its ruling in Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems (Case C-311/18). More than...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) issued its anxiously-awaited judgment in the Schrems II case. The CJEU’s decision upheld the Standard Contractual Clauses (SCCs) but, somewhat surprisingly,...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield, ruling, among other things, that U.S. domestic law...more
The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor, adopted its report on the second annual review of the...more
EU and US laws prohibit merging companies from implementing reportable transactions until their deal is cleared or the statutory waiting period has expired. Violations of this principle are colloquially known as “gun-jumping”...more
2018 promises to be an interesting year in the world of privacy and cybersecurity. In this article, we highlight a few of the most notable developments we expect this year, including major developments in Europe, changes and...more
Hot on the heels of the European Commission’s official review of the functioning of the EU-U.S. Privacy Shield framework, the Article 29 Working Party (Working Party) of EU data protection regulators has issued its own report...more
The final version of Privacy Shield (which has not yet been officially published) passed the Article 31 Committee vote on July 8th and is being presented on July 11th to the LIBE committee of the European Parliament. LIBE’s...more
On February 29, following an earlier February 2 announcement, but with few details, the U.S. Secretary of Commerce released letters to the European Commission setting forth the EU-U.S. Privacy Shield Principles along with...more
At the start of February, the European Commission announced it had finally struck a deal with the US Department of Commerce on Safe Harbor's replacement. Below, we address some of the key questions organisations are asking...more
On February 2, 2016, representatives from the European Commission and the United States announced a preliminary agreement on the “Privacy Shield,” a framework that legitimizes transfers of personal data from the EU to the...more
The European Commission (EC) and the U.S. Department of Commerce have reached an agreement to create a framework for transfers of personal data from the European Union to the United States. The framework, named the EU-U.S....more
As negotiators for the US Department of Commerce (“DOC”), Federal Trade Commission (“FTC”), and the European Commission move towards an agreement intended to allow continued US-EU data transfers, a closer look at the history...more
United States and European Union Commission negotiators announced today that they have reached a political agreement on a new data transfer framework that will replace the Safe Harbor Program, which was invalidated in 2015 by...more
On February 2, 2016, the European Commission and the U.S. Department of Commerce reached an accord on a new transatlantic data transfer protocol. Nicknamed the EU-U.S. Privacy Shield, the framework would replace the...more