The Standard Formula Podcast | Solvency II Back to Basics: Third Country Branches and Cross-Border Provision of Services
Last month, the European Data Protection Board – which is composed of the national data protection authorities (‘Supervisory Authorities’) of the countries in the European Economic Area (‘EEA’), as well as the European Data...more
Quick Hits Schrems II Recap Most people are now familiar with the Schrems II requirements to “know your transfers” and to protect personal data when such information is subject to processing (including remote access to...more
This briefing is a part of a Walkers series on the Data Protection (Bailiwick of Guernsey) Law, 2017 (the "DPL"), and deals with the transfer of personal data outside Guernsey. A "data transfer" occurs when an individual's...more
Authorities opened an investigation after Uber drivers in France sent complaints to the French privacy protection commission, the CNIL. The CNIL transferred the handling of the complaints to the Dutch Data Protection...more
During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
Welcome to our monthly update on current legal issues for trustees of DC pension schemes, designed to help you stay up to date with key developments between trustee meetings, and to support the legal update item on your next...more
If you have been doing business with entities in the European Union, chances are that you have struggled to figure out how to transfer data from the EU to the US without running afoul of the General Data Protection Regulation...more
Effective July 10, 2023, the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) replaced the invalidated EU-U.S. Privacy Shield framework (“Privacy Shield”). Participating U.S. organizations can now receive personal data...more
Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover the following topics: International...more
The United States ("U.S.") and the European Union ("EU") have settled on a framework for transfers of personal data for the first time since the European Court of Justice ("CJEU") effectively invalidate the EU-U.S. Privacy...more
The new framework provides an additional route for personal data transfers from the EEA to the US. On 10 July 2023, the European Commission (EC) took the final step to enable businesses to start relying on the new EU-US...more
U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States. U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
On July 10, 2023, the European Commission (the “Commission”) adopted an adequacy decision for the EU-U.S. Data Privacy Framework (the “Framework”). The Framework provides companies that opt in with a legitimate means of...more
On July 10, 1962, NASA launched Telstar 1, the first active communications satellite linking Europe and the United States through live television transmission. Sixty-one years later, on July 10, 2023, the European Commission...more
On July 10, 2023, the EU Commission approved the EU-U.S. Data Privacy Framework (“EU-US DPF”) as a valid transfer mechanism for sharing personal data from European Economic Area countries (those in the EU plus Iceland,...more
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (Framework). The adequacy decision concludes the long process to open up new means by which companies transfer...more
Ireland’s Data Protection Commission has fined Meta Ireland 1.2 billion EUR. While you have probably heard about that, there is much, much more to this case and the larger Schrems II cross border saga. Here is what you...more
In light of the European Union Commission’s examination to renew the adequacy status granted to Israel in 2011, the Israeli Ministry of Justice has promulgated new privacy protection regulations, called “Provisions Regarding...more
On 13 December 2022, the European Commission (“EC”) published its draft adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”) that is intended to foster trans-Atlantic data flows and address the concerns raised by...more
In order to satisfy the European Commission that Israel will continue to protect data about Europeans according to the European standards prescribed in the European General Data Protection Regulation (GDPR) as the data enters...more
U.S. Government Releases Guide of ‘Minimum Baseline’ Cybersecurity Practices for Protecting Critical Infrastructure - The Cybersecurity & Infrastructure Security Agency (“CISA”) has released a guide to help organizations...more
In July 2020, the Court of Justice of the European Union (CJEU) declared the EU-U.S. Privacy Shield invalid. The EU-U.S. Privacy Shield program was designed to provide European Economic Area (EEA) data transferred to the U.S....more
Przekazywanie danych do państw trzecich dotyczy sytuacji, w których administrator lub podmiot przetwarzający dane osobowe dokonuje transferu danych osobowych do państwa trzeciego, czyli do państwa spoza Europejskiego Obszaru...more
On June 4, 2021, the European Commission (the “Commission”) published its implementing Decision adopting standard contractual clauses for transfer of personal data to third countries (the “SCCs”) designed to comply with the...more
Accurate and timely data is essential for successful Diversity, Equity and Inclusion Initiatives and other critically important programs, but when data collection activities collide with the GDPR risks may escalate. Here’s...more