News & Analysis as of August 3, 2025

Corporate Counsel

+ Follow

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -

Right to Erasure in the Spotlight as EU Data Protection Board Launches 2025 Coordinated Action

Baker Botts L.L.P. on 3/31/2025

The European Data Protection Board (EDPB), the independent EU body responsible for ensuring the consistent application of the EU General Data Protection Regulation (GDPR) across all EU member states, has kicked off its...more

International Data Transfers: Lessons from the EDPB’s “101 Task Force”

Alston & Bird on 4/25/2023

In August 2020, privacy activist organization NOYB – European Center for Digital Rights filed 101 complaints with the EU Supervisory Authorities (‘SAs’) in connection with the transfer of personal data from Europe to...more

Meta Fines Expose EU Regulators’ Differences and Highlight Fundamental Issues for Data Controllers

Faegre Drinker Biddle & Reath LLP on 1/18/2023

Meta Ireland (Meta) has recently been issued with two fines by the Irish Data Protection Commission (DPC) for breaches of the EU General Data Protection Regulation (GDPR) relating to advertisements run on its Facebook and...more

CJEU AG Sets High Bar for Responses to Data Subject Access Requests

Latham & Watkins LLP on 6/23/2022

The Advocate General argues that organisations should provide individuals with information on the specific recipients of their personal data. Advocate General Giovanni Pitruzzella (AG) of the Court of Justice of the...more

6 Things You Need to Know About United Kingdom (UK) International Data Transfers

Orrick, Herrington & Sutcliffe LLP on 3/2/2022

In February 2022, the United Kingdom (UK) Information Commissioner’s Office (“ICO”), along with the data protection authority (“DPA”) in the UK, published three new documents ("UK Documents") which update the UK's position on...more

5 Key Takeaways from the EDPB’s Final Guidelines on Examples Regarding Personal Data Breach Notification

Wyrick Robbins Yates & Ponton LLP on 1/20/2022

Following a public consultation on an initial version released last January, the European Data Protection Board (“EDPB”) last month adopted a final version of its Guidelines on Examples regarding Personal Data Breach...more

BCLP Global Data Privacy FAQs: What counts as a “transfer” of data under the EU GDPR? New draft EU Guidelines released

BCLP on 12/2/2021

It is well known that the EU GDPR (specifically, Chapter V) restricts transfers of personal data from the EU to a “third country” (i.e. a jurisdiction outside the EEA) or to an international organisation. But what is meant by...more

September 27 Deadline Looming for EU Standard Contractual Clauses

Alston & Bird on 9/16/2021

On June 4th, the European Commission issued modernized Standard Contractual Clauses (SCCs) under the EU General Data Protection Regulation (GDPR) for data transfers from controllers or processors in the EU/EEA (or otherwise...more

European Commission Adopts Two New Sets of Standard Contractual Clauses: What Employers Need to Know

Ogletree, Deakins, Nash, Smoak & Stewart,... on 6/14/2021

On June 4, 2021, the European Commission adopted two new sets of standard contractual clauses (SCCs): one for data transfers from data controllers to data processors and one for data transfers from data exporters to data...more

European Commission Adopts New Service Providers Standard Agreement (Controller-Processor SCCs)

Mintz - Privacy & Cybersecurity Viewpoints on 6/9/2021

The new standard agreement for service providers (which we’ll refer to as the Controller-Processor SCCs) adopted by the European Commission on June 4th was understandably a bit overshadowed by the release on the same date of...more

The EU Commission’s New SCCs for International Transfers: Top 5 Immediate Takeaways

Wyrick Robbins Yates & Ponton LLP on 6/9/2021

Ending months of anxious speculation from privacy lawyers around the globe, the European Commission announced on Friday that it had adopted final versions of the new Standard Contractual Clauses (the “New SCCs”) for the...more

Keeping Transborder Data Flowing Post-Schrems II: EU Adopts Revised Standard Contractual Clauses

Vinson & Elkins LLP on 6/7/2021

On June 4, 2021, the European Commission announced the definitive adoption and publication of revamped Standard Contractual Clauses (“SCCs”) for the transfer of personal data to third countries pursuant to the EU General Data...more

The European Commission issues Schrems II-proof Standard Contractual Clauses to allow global dataflows

Hogan Lovells on 6/4/2021

Following the coming into effect of the GDPR three years ago and in light of last year’s Schrems II decision, the European Commission has adopted a new set of Standard Contractual Clauses (SCCs) aimed at enabling lawful...more

European Data Protection Board Forms Two New Taskforces to Address Schrems II Aftermath

Akin Gump Strauss Hauer & Feld LLP on 9/14/2020

On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more

EDPB Issues Guidance For Cross-Border Data Transfers In Wake of Schrems II Judgment

Husch Blackwell LLP on 7/27/2020

Keypoint: The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to...more

European Guidance On Data Controller And Processor Relationship Has Takeaways For GDPR, CCPA Compliance

Fox Rothschild LLP on 11/14/2019

The European Data Protection Supervisor (EDPS) has issued guidance on the concepts of data controller and processor for European Union organizations. Though it covers EU institutions, the guidance contains many concepts that...more

GDPR Implementation By The (Really Big) Numbers

Fox Rothschild LLP on 2/27/2019

Since May 25, 2018, 206,326(!) GDPR cases have been reported by Supervisory Authorities (SAs) from 31 European Economic Area (EEA) countries. Of those, 94,622 were initiated by individual complaints and 64,684 due to data...more

The GDPR at Six Months: The Hard Work Starts

Faegre Drinker Biddle & Reath LLP on 11/28/2018

Six months have now passed since the implementation of the EU General Data Protection Regulation (GDPR). The GDPR has raised awareness of the importance of personal privacy as a fundamental right and placed data protection...more

GDPR: New Guidelines on Territorial Scope

K&L Gates LLP on 11/26/2018

On November 23, the European Data Protection Board (“EDPB”) - the gathering of all European Union (EU) data protection authorities - adopted new draft guidelines on territorial scope of the GDPR. The EDPB was previously known...more

Use a Third-Party Platform? You Might Be a “Data Controller”

Perkins Coie on 6/12/2018

The European Union’s top court ruled last week that the operator of a Facebook fan page is a “joint controller,” along with Facebook, with respect to personal data collected on such pages. The decision has implications for...more

Working Party Confirms That Employers of All Sizes Must Maintain Article 30 Records of Processing for Human Resources Data

Ogletree, Deakins, Nash, Smoak & Stewart,... on 5/9/2018

On April 19, 2018, the Article 29 Working Party (Working Party), which is comprised of representatives from the data protection authorities in each of the 28 European Union (EU) member states, issued a position paper stating...more

Consent under the GDPR: Official Guidance Now Available

Mintz - Privacy & Cybersecurity Viewpoints on 12/19/2017

One of the most striking changes to EU privacy law under the EU’s General Data Protection Regulation (which goes into effect May 25, 2018) is the very strict approach to user consent. For many years, companies operating in...more

GDPR Breach Notification Checklist

Womble Bond Dickinson on 11/28/2017

U.S. companies now have to consider breach notification requirements under the GDPR in addition to data breach notification laws in the U.S. (enacted by 48 states and numerous regulators). Follow our chart to determine if...more

A Side-By-Side Comparison of “Privacy Shield” and the Controller-Processor Model Clauses: The Easiest Way to Understand What...

BCLP on 7/21/2016

The EU Data Protection Directive 95/46/EC (the “Directive”) creates the legal framework for the national data-protection laws in each EU member state. The Directive states that personal data may only be transferred to...more

A Side-by-Side Comparison of "Privacy Shield" and the "Safe Harbor": The Easiest Way to Understand What Privacy Shield Is and...

BCLP on 7/18/2016

More than 5,000 companies had taken advantage of the now defunct U.S.-EU Safe Harbor Framework. Those companies are now considering whether to join the newly approved “Privacy Shield,” and are trying to understand the...more

28 Results

View per page

Page: of 2

European Union › Data Controller › Corporate Counsel

"My best business intelligence, in one easy email…"