Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
On July 4, 2023, the European Commission (EC) published its proposal for a regulation laying down additional procedural rules for the enforcement of the EU General Data Protection Regulation (GDPR) (proposal). The proposal...more
On November 18, 2021, the European Data Protection Board (“EDPB”) issued guidelines on the interplay between provisions in the General Data Protection Regulation (“GDPR”) governing scope and applicability and those governing...more
As of September 27, 2021, the European Commission requires controllers and processors to rely on the recently updated Standard Contractual Clauses (SCCs) for any new contracts governing personal data transfers from the EEA....more
Standard contractual clauses (SCCs) are a contract addendum with provisions governing the handling of personal information. The express language of the SCCs has been preapproved by the European Commission (Commission) to be...more
The European Commission (“EC”) has adopted a long-awaited new set of standard contractual clauses (“SCCs”) for the transfer of personal data to parties in third countries outside the European Union (“EU”) and European...more
Our Privacy, Cyber & Data Strategy Team answers five questions about the standard contractual clauses that aim to ensure compliance with Articles 28(3) and (4) of the General Data Protection Regulation....more
The European Commission’s long-awaited updates to the Standard Contractual Clauses (“SCCs”) have arrived. Data protection lawyers globally have eagerly anticipated these changes, which are necessary to address a legal...more
On June 4, 2021, the European Commission adopted two new sets of standard contractual clauses (SCCs): one for data transfers from data controllers to data processors and one for data transfers from data exporters to data...more
The new standard agreement for service providers (which we’ll refer to as the Controller-Processor SCCs) adopted by the European Commission on June 4th was understandably a bit overshadowed by the release on the same date of...more
The European Commission’s decision of 4 June 2021 finalises the new SCCs for transferring personal data from the EEA. After invalidation of the Privacy Shield by Europe’s top court, many businesses came to rely upon...more
Keypoint: Companies using the previous standard contractual clauses will have eighteen months to transition to the new documents. Today, the European Commission announced that it has adopted “two sets of standard...more
On February 19 2021, the European Union Commission issued its draft adequacy decision for data flows between the European Union (EU) and United Kingdom (UK). Whilst widely expected, this draft decision will provide some...more
The European Commission has published draft updated standard contractual clauses in light of the Schrems II decision. On 12 November 2020, the European Commission (the Commission) published a draft implementing decision,...more
On November 12, 2020, the European Commission (“EC”) published a draft implementing decision on standard contractual clauses (“SCCs”) for the transfer of personal data to third countries pursuant to the General Data...more
The European Data Protection Board and the European Data Protection Supervisor recently issued a joint opinion on the processing of personal data and the role of the European Commission within the eHealth Digital Health...more
On January 23, 2019, the EU Data Protection Board (“EDPB” - the gathering of all European Union (EU) data protection authorities) adopted opinion no. 3/2019 (the “Opinion”) on the interplay between the Clinical Trials...more
The EU Data Protection Directive 95/46/EC (the “Directive”) creates the legal framework for the national data-protection laws in each EU member state. The Directive states that personal data may only be transferred to...more
As a follow up to a previous blog post, as anticipated, the European Commission released the framework for the EU-US Privacy Shield, which replaces the invalidated transatlantic Safe Harbor Program, a system that had...more
The EU Commission has created model contracts for data transfers (the “Model Contracts”) and determined that organizations which use the Model Contracts offer sufficient safeguards for cross-border data transfer as required...more
After the October 6, 2015, decision of the CJEU, it is clear that transfers of personal data may no longer take place under the Safe Harbor. This was confirmed with no ambiguity by the Article 29 Working Party (Group 29,...more
With EU Safe Harbor Invalidated, Companies Ask: What Now? - What happens now?: That is the question that businesses across the country are asking after the Court of Justice of the European Union (CJEU) threw out the...more
The European Union’s highest court has, effective immediately, invalidated the US-EU Safe Harbor program relied upon by many companies as the basis for lawfully transferring and processing personal information from the EU to...more
As I reported earlier today, the Court of Justice of the EU (ECJ) has declared Safe Harbor invalid. The full decision is now available online in English (other languages also available at curia.europa.eu by searching on...more