No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Life With GDPR - Data Transfer Update
Life with GDPR - Data Transfers from EU/UK to US
Everything Compliance - The Elon Etc Edition
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
On May 14, 2025, the European Data Protection Board ("EDPB") issued a favorable opinion on granting a six-month extension to the existing adequacy decisions for the UK, following a formal proposal from the European...more
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
Last month, the European Data Protection Board – which is composed of the national data protection authorities (‘Supervisory Authorities’) of the countries in the European Economic Area (‘EEA’), as well as the European Data...more
On 28 June 2021, just two days before the interim EU-UK data transfer “bridging mechanism” expired under the Trade and Cooperation Agreement, the European Commission (EC) adopted two adequacy decisions for the UK to...more
On June 4, 2021, the European Commission adopted two new sets of standard contractual clauses (SCCs): one for data transfers from data controllers to data processors and one for data transfers from data exporters to data...more
On December 24, 2020, the European Commission and the United Kingdom reached an agreement in principle on the long-awaited Trade and Cooperation Agreement (the “Trade Agreement”). For now, transfers of personal data from the...more
Latham develops new resource to identify considerations for assessing SCC and BCR data transfers in Europe. Following the Schrems II decision in July 2020, organisations relying on the standard contractual clauses (SCCs) or...more
On July 17, 2020, the European Data Protection Board (‘EDPB’) published a statement on the outcome of the Schrems II judgment, passed by the Court of Justice of the European Union (‘CJEU’) the day before. The judgment...more
In a landmark decision in what is popularly known as the "Schrems II" case, the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield, the framework that facilitated the transfers of personal data from...more
In a highly anticipated Schrems II decision, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield, the legal framework allowing transatlantic exchanges of personal data for commercial purposes...more
The Court of Justice of the European Union (CJEU) Invalidates the EU-U.S. Privacy Shield- On July 16, 2020, the CJEU invalidated the EU-U.S. Privacy Shield (the Privacy Shield) in its decision in Facebook Ireland v. Schrems...more
Following a legal challenge to the validity of data transfers from organizations in Europe to organizations in countries like the United States, the opinion of the Advocate General (AG) of the Court of Justice of the European...more
1. CJEU finds Safe Harbor Invalid - In a landmark ruling delivered today, Europe's highest court, the Court of Justice of the European Union (CJEU) declared that the EU Commission's US - EU Safe Harbour regime is...more