U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States. U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
At the end of June, the European Data Protection Board (EDPB) published its Recommendations (Recs) on Binding Corporate Rules (BCRs). Among other things, the Recs require existing and in process BCRs to: - Incorporate...more
Businesses are now prohibited from transferring employee personal data from the European Economic Area (EEA) to the U.S. under the EU-U.S. Privacy Shield program. The Court of Justice of the European Union (CJEU) declared the...more
On July 22, 2020, the European Data Protection Board (‘EDPB’) released an information note on Binding Corporate Rules (‘BCRs’), which provides guidance for groups of undertakings/enterprises which have the UK ICO as their...more
McDermott Will & Emery, in partnership with Ankura is hosting an in depth webinar to discuss the complexity of global data transfer post-GDPR. Having analysed the marketplace trends and delivered BCR projects, our panel...more
On 29 March 2019, the UK will formally leave the EU unless an extension, or a negotiated solution, is agreed between the UK and the European Commission. There is currently no agreement regarding the UK's status from a data...more
On May 25, 2015, the French data protection authority (CNIL) published its annual inspection program for 2015, unveiling its objectives and priorities for the year. This alert highlights the main priorities of the CNIL for...more
The Director of the Federal Insurance Office (FIO), Michael McRaith, recently testified before the House Financial Services Subcommittee on Housing and Insurance regarding the impact international regulatory standards have on...more
On 1 January 2013, over 4 years after the idea was first discussed, new Binding Corporate Rules (BCRs) for data processors were launched following a meeting of European data protection authorities....more