A ruling by the EU’s top court invalidates the key mechanism for transferring personal data from the EU to the US and imposes additional conditions for use of the standard contractual clauses.
On 16 July 2020, the Court of...more
In less than one year, from 25 May 2018, the General Data Protection Regulation (GDPR or Regulation) will become enforceable. The GDPR introduces a rigorous, far-reaching privacy framework for businesses that operate, target...more
6/2/2017
/ CNIL ,
Data Controller ,
Data Processors ,
EU ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Multinationals ,
UK ,
UK Brexit ,
UK Data Protection Act
Well ahead of the implementation deadline for the European General Data Protection Regulation (GDPR), the German Parliament (Bundestag) passed a new Federal Data Protection Act (Bundesdatenschutzgesetz) on April 27, 2017. The...more
As the whole world now knows, the UK voted to leave the European Union (EU) in its historic referendum on 23rd June by a vote of 51.9 percent in favour of “leave” to 48.1 in favour of “remain”. This blog focusses on how that...more
6/28/2016
/ Binding Corporate Rules ,
EFTA ,
EU ,
European Economic Area (EEA) ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Referendums ,
Standard Contractual Clauses ,
UK ,
UK Brexit ,
UK Data Protection Act
On March 17, 2016, the Civil Liberties Committee convened to discuss whether the Privacy Shield framework that will replace Safe Harbor provides adequate protection to the data of EU citizens. A number of experts were...more
3/24/2016
/ Article 29 Working Party (WP29) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Judicial Redress Act ,
Ombudsman ,
Personal Data ,
Standard Contractual Clauses ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
Earlier this week, the European Commission announced that a “political” agreement has been reached on a new framework for data flows from the EU to the US. The announcement highlights a few changes from the old Safe Harbor...more
2/5/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
US-EU Safe Harbor Framework
On November 6, the European Commission issued a comprehensive Communication on the consequences of the Schrems Judgment of the Court of Justice of the European Union (ECJ). In the Communication, the Commission puts national...more
On October 26, the European Commissioner Vera Jourová addressed the Parliament Committee on Civil Liberties, Justice and Home Affairs to discuss the consequences of the Schrems Judgment of the Court of Justice of the European...more
An early Position Paper of the German data protection authority of Schleswig-Holstein on the Schrems Judgment of the Court of Justice of the European Union (ECJ) gave little hope for practical alternatives to Safe Harbor. On...more
10/27/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Protection ,
Data Protection Authority ,
EU ,
European Court of Justice (ECJ) ,
Germany ,
International Data Transfers ,
Member State ,
Model Contracts ,
Schrems I & Schrems II
The so called Article 29 Working Party met on October 15, 2015 to discuss the consequences of the Schrems Judgment of the European Court of Justice (ECJ). On October 16, 2015, the Working Party published a Statement...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Judicial Redress Act ,
Legislative Agendas ,
Member State ,
Model Contracts ,
Schrems I & Schrems II
On October 6, the European Court of Justice ruled that Decision 2000/520 of the European Commission, which stated that Safe Harbor-certified US companies provide adequate protection for personal data transferred to them from...more
10/7/2015
/ Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
EU Directive ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Member State ,
Model Contracts ,
US-EU Safe Harbor Framework
On September 23, the European Court of Justice heard the case which will determine whether US companies can rely on Safe Harbor as a measure to provide adequate privacy protection for personal data imported from the European...more