The Standard Formula Podcast | Solvency II Back to Basics: Third Country Branches and Cross-Border Provision of Services
The Federal Bureau of Investigation (FBI) recently warned employers of increasing security risks from North Korean workers infiltrating U.S. companies by obtaining remote jobs to steal proprietary information and extort money...more
On October 10, 2024, the European Council officially adopted the Cyber Resilience Act (CRA), a regulation designed to ensure that products with digital features are secure to use and resilient against cyber threats, and that...more
On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
On July 10, 2023, the European Commission (the “Commission”) adopted an adequacy decision for the EU-U.S. Data Privacy Framework (the “Framework”). The Framework provides companies that opt in with a legitimate means of...more
On 13 December 2022, the European Commission (“EC”) published its draft adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”) that is intended to foster trans-Atlantic data flows and address the concerns raised by...more
Revolut Data Breach Exposes 50,000 Customers Personal Information, Phishers Take Advantage - Financial technology company Revolut has suffered a data breach affecting over 50,000 of their customers. In a statement given by...more
Przekazywanie danych do państw trzecich dotyczy sytuacji, w których administrator lub podmiot przetwarzający dane osobowe dokonuje transferu danych osobowych do państwa trzeciego, czyli do państwa spoza Europejskiego Obszaru...more
Google Analytics remains a hot topic for businesses and apparently also for data protection authorities (DPAs). With the advent of these new decisions and the new CNIL guidance, businesses have an even harder time justifying...more
On 6 April 2022, following the announcement of the political agreement on a new EU-US Trans-Atlantic Data Privacy Framework having been reached between the European Commission and the United States on 25 March 2022, the...more
In this month’s Privacy & Cybersecurity Update, we analyze the U.S. and EU’s joint commitment to create a new data transfer framework to replace the invalidated Privacy Shield, as well as Utah’s new state privacy law and...more
On Friday, March 25, 2022, US President Joe Biden and European Commission President Ursula von der Leyen jointly announced that a deal has been reached to replace the former Privacy Shield framework governing data transfers...more
EU and UK data protection rules each restrict transfers of personal data to third countries not regarded as having an adequate level of protection, such as the United States, China, Russia and India....more
On September 27, 2021, all new contracts that involve cross-border personal data transfers must incorporate the updated standard contractual clauses (“New SCCs”) for controllers and processors. On June 4, 2021, the European...more
Personal data transfers from the European Economic Area (“EEA”) to most other countries, including the United States, require companies to take prompt compliance action. The General Data Protection Regulation (“GDPR”)...more
In this issue of UK Employment Flash, we examine the latest employment law developments from the UK, including the law governing the return to the workplace and flexible working requests and a proposal to impose a duty on...more
On June 7, 2021, the European Commission (Commission) published its long-awaited Implementing Decision adopting standard contractual clauses for the transfer of personal data to third countries referred to as the new Standard...more
In June, the European Commission published the final version of a new set of standard contractual clauses (SCCs) that can be used to comply with the EU’s General Data Protection Regulation (the “GDPR”). These clauses are of...more
On June 4, 2021, the European Commission adopted its long-anticipated updated Standard Contractual Clauses (New SCCs) for use by organizations transferring personal data outside of the European Economic Area (EEA) to third...more
The European Commission (“EC”) has long sought to improve data privacy for Europeans, even when they interact with global or non-European companies. Laws like the General Data Protection Regulation (or “GDPR”) seek to...more
The European Commission adopted new versions of the Standard Contractual Clauses (SCCs) on June 4, 2021. The new SCCs finally replace the original SCCs adopted under the 1998 European Data Protection Directive (DPD) and did...more
Top 3 Takeaways - On Friday, June 4, 2021, the European Commission adopted two sets of standard contractual clauses, one for use between controllers and processors and one for the transfer of personal data to “third...more
The European Commission recently published an updated version of the standard contractual clauses for the transfer of personal data to third countries ('SCCs'). Companies can use such SCCs to provide the appropriate...more
On June 4, the European Commission (EC) adopted two sets of standard contractual clauses (SCCs) for use between controllers and processers in the European Economic Area (EEA) and for the transfer of data between EEA and...more
After much anticipation, the European Commission has published new Standard Contractual Clauses (SCCs). Under the General Data Protection Regulation (GDPR), when personal data of individuals in the European Economic Area...more