AGG Talks: Cross-Border Business - How Foreign Companies Can Protect Their IP and Brand in the U.S.
AGG Talks: Cross-Border Business - Enterprise Ireland and U.S. Market Entry
Life With GDPR: Exposed – The Shocking PSNI Data Release
Nota Bene Episode 123: Europe Q2 Check In - Brexit Updates and Antitrust Laws in the Digital Economy with Oliver Heinisch
Life With GDPR: Special Emergency Valentine’s Day Edition-Facebook Dawn Raid in Ireland
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
Closing in on the fifth anniversary of the entry into force of the EU General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced on 22 May 2023 that it had fined the Irish subsidiary of...more
On May 22 the Irish Data Protection Commission (“DPC”), Ireland’s data privacy watchdog, issued its final and binding decision against Meta with respect to Facebook’s exporting of personal data from Europe to the US from July...more
On 22 May 2023, the Irish Data Protection Commission (DPC) issued Meta Platforms Ireland Limited (Meta Ireland) with a EUR 1.2 billion (approximately 1.3 billion U.S. dollar) fine for breaches of the GDPR with respect to...more
On 14 March 2022 the Data Protection Commission of Ireland (DPC) handed down a decision in respect of 22 personal data breach notifications made by the Bank of Ireland Group Plc (BOI) between November 2018 and June 2019. The...more
Today saw a key ruling by the Irish High Court which could have wide ranging implications in relation to a range of data use, targeted advertising and data transfers between Europe and the United States. The Irish data...more
Following its Guidance issued on April 6, 2020, the Irish Data Protection Commission signaled its intent to begin enforcement against companies who fail to adhere to the Commission’s guidelines on the use and management of...more
The Court of Justice of the European Union (CJEU) recently issued a decision with global implications for data transfers from the EU in a case referred to the CJEU from the Irish Data Protection Commissioner, colloquially...more
EDPB and data protection authorities’ views and statements on the “Schrems II”- decision by the CJEU - On 16 July, 2020, the European Court of Justice (“CJEU“) passed a decision invalidating the EU-US Privacy Shield and...more
As discussed in an earlier alert, the Court of Justice of the European Union in a landmark decision in the Schrems II case invalidated the EU-US Privacy Shield framework, which was widely used by thousands of US organizations...more
The table below sets out the guidance provided by data protection authorities (DPA) in response to the European Court of Justice’s landmark judgment in Case C-311/18 Data Protection Commissioner v. Facebook Ireland and...more
The Court of Justice of the European Union (“CJEU”), on July 16, 2020, invalidated the European Union-U.S. Privacy Shield Framework (“Privacy Shield”), which more than 5,300 U.S. organizations had relied on to lawfully...more
On July 16, 2020, the Court of Justice of the European Union (CJEU), the supreme court of the European Union on matters involving European Union law, issued its long anticipated decision in the “Schrems II” case ( case...more
On July 16, 2020, Europe’s highest court, the Court of Justice of the European Union, struck down the Privacy Shield, an agreement that permitted companies operating in the European Union (EU) to transfer data to the United...more
On July 16, 2020, the European Court of Justice (Court) ruled in the “Schrems II” case that the one of the most commonly used cross border data transfer mechanisms between the European Union (EU) and the United States (US),...more
In a decision issued on July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the EU-U.S. Privacy Shield Framework, one of the primary tools used by companies in the European Union (EU) to transfer...more
El TJUE se pronuncia sobre la validez del Privacy Shield y las Cláusulas Contractuales Tipo (Responsable-Encargado). En su sentencia, el TJUE ha: (i) invalidado el Privacy Shield como mecanismo para transferir de forma segura...more
The Court of Justice of the European Union (ECJ) has finally issued its decision on the validity of standard contractual clauses (SCCs) in the Irish Data Protection Commissioner’s referral to the ECJ for an opinion on the...more
The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more
Companies should identify data flows, implement a data transfer solution, and update internal documents and privacy notices. Since our blog on “What a “No Deal” Brexit Means for UK Data Privacy”, the European Data...more
New Data Protection Act - New Legislation Enacted - On May 24, 2018, Ireland enacted the Data Protection Act of 2018 (Act) as a supplement to the EU’s General Data Protection Regulation (GDPR), which became law in...more
What Now? With its decision on Tuesday 3 October 2017 referring a preliminary question on the validity of the European Union’s “standard contractual clauses” (“SCC”) regime to the Court of Justice of the European Union...more
Executive summary: The EU’s standard contractual clauses may be on the fast track to invalidation, putting a vast number of personal data transfers from the EEA at risk. A case brought by Maximilian Schrems (whose first...more