On 10 July 2023, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”). The adequacy decision is designed to relieve U.S.-based businesses and other institutions and...more
In a dramatic and widely reported decision of 12 July 2020 in the case known as Schrems II (Data Protection Commissioner v Facebook Ireland Ltd), the Court of Justice of the European Union (“CJEU”) invalidated the decision of...more
Earlier this week, the Court of Justice of the European Union, perhaps for the first time, drew a territorial limitation to the requirements imposed under the General Data Protection Regulation (‘GDPR’). The court held that...more
9/26/2019
/ Corporate Counsel ,
Cross-Border ,
EU ,
General Data Protection Regulation (GDPR) ,
Google ,
Jurisdiction ,
Member State ,
Personal Data ,
Privacy Laws ,
Right to Be Forgotten ,
Search Engines
The EU General Data Protection Regulation (GDPR), which is billed as the most important development in data privacy regulation in at least 20 years, arrived with a bang in May of this year and companies have been scrambling...more
Three recent cases demonstrate that data privacy enforcement is on the rise in the United Kingdom. These and similar cases signal a new direction in enforcement action suggesting higher penalties, more frequent prosecutions...more
In April 2016, the European Union adopted new legislation on data protection. The part relevant to private enterprises (EU Regulation 2016/679) is known as the General Data Protection Regulation or “GDPR.” The GDPR is subject...more
Following the formal approval of the EU-U.S. Privacy Shield by the European Commission on 8 July 2016, the arrangement will come into force in the U.S. commencing 1 August 2016 and will provide a convenient framework to allow...more
7/20/2016
/ Binding Corporate Rules ,
Data Processors ,
Data Protection Authority ,
Department of Transportation (DOT) ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Self-Certification ,
Standard Contractual Clauses ,
Third-Party ,
U.S. Commerce Department
Significant uncertainty and concern regarding US companies’ ability to process and use personal data received from the EU has loomed since the October 2015 decision by Europe’s highest court invalidating the EU-US Safe...more
2/5/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Standard Contractual Clauses ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
On November 6, 2015, The EU Commission published a communication addressed to the European Parliament and the EU Council in an attempt to reduce current legal uncertainties surrounding the transfer of personal data from...more