Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
In politically uncertain times, is your organisation’s data transfer compliance unquestionable? The EU-U.S. Data Privacy Framework (DPF) serves as a useful mechanism for transatlantic data transfers, and it can assist...more
The European Commission published a very significant adequacy decision last week, which is expected to facilitate transfers of personal information from Europe to the United States. The decision came as part of the...more
On July 10, 2023, the European Commission (“EC”) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). Nearly three years after the Court of Justice of the European Union (“CJEU”)...more
On July 10, 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (“Adequacy Decision”). This ends a three-year journey to set up a successor to the EU-U.S. Privacy...more
After the recent Court of Justice of the European Union decision on sensitive inferences that can be drawn from the name of your spouse, it is fair to ask: Is everything sensitive data (special category data)?...more
Generally, contact tracing refers to an effort by public health officials to identify individuals with whom a patient who has tested positive for an infectious disease has been in close proximity. Public health officials will...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
On July 7, the Court of Justice of the European Union (ECJ) invalidated the EU-US Privacy Shield framework in its ruling in Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems (Case C-311/18). More than...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) issued its anxiously-awaited judgment in the Schrems II case. The CJEU’s decision upheld the Standard Contractual Clauses (SCCs) but, somewhat surprisingly,...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield, ruling, among other things, that U.S. domestic law...more
The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor, adopted its report on the second annual review of the...more
EU and US laws prohibit merging companies from implementing reportable transactions until their deal is cleared or the statutory waiting period has expired. Violations of this principle are colloquially known as “gun-jumping”...more
2018 promises to be an interesting year in the world of privacy and cybersecurity. In this article, we highlight a few of the most notable developments we expect this year, including major developments in Europe, changes and...more
Hot on the heels of the European Commission’s official review of the functioning of the EU-U.S. Privacy Shield framework, the Article 29 Working Party (Working Party) of EU data protection regulators has issued its own report...more
On February 29, following an earlier February 2 announcement, but with few details, the U.S. Secretary of Commerce released letters to the European Commission setting forth the EU-U.S. Privacy Shield Principles along with...more
At the start of February, the European Commission announced it had finally struck a deal with the US Department of Commerce on Safe Harbor's replacement. Below, we address some of the key questions organisations are asking...more
On February 2, 2016, representatives from the European Commission and the United States announced a preliminary agreement on the “Privacy Shield,” a framework that legitimizes transfers of personal data from the EU to the...more
The European Commission (EC) and the U.S. Department of Commerce have reached an agreement to create a framework for transfers of personal data from the European Union to the United States. The framework, named the EU-U.S....more
As negotiators for the US Department of Commerce (“DOC”), Federal Trade Commission (“FTC”), and the European Commission move towards an agreement intended to allow continued US-EU data transfers, a closer look at the history...more
United States and European Union Commission negotiators announced today that they have reached a political agreement on a new data transfer framework that will replace the Safe Harbor Program, which was invalidated in 2015 by...more
On February 2, 2016, the European Commission and the U.S. Department of Commerce reached an accord on a new transatlantic data transfer protocol. Nicknamed the EU-U.S. Privacy Shield, the framework would replace the...more
The U.S. Department of Commerce and the European Commission announced on Tuesday that they have entered into a new transatlantic safe harbor transfer agreement, which comes two days after the deadline set by EU data...more
Companies should still ensure that they are lawfully transferring data through an alternative mechanism until the details of the Privacy Shield are released. The U.S. Department of Commerce and the European Commission...more
On the same day that groundhog Punxsutawney Phil predicted an early Spring, the EU College of Commissioners brought some sunshine of its own, announcing yesterday that it has reached an agreement with the U.S. on transfers of...more
The October 6, 2015, decision of the Court of Justice of the European Union in the Schrems v. Facebook case left significant uncertainty surrounding the legality and practicality of U.S. technology companies’ ability to...more