Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
Beginning October 12, 2023, the UK-U.S. Data Bridge will allow UK companies to transfer personal data to the United States using the new EU-U.S. Data Privacy Framework....more
On January 12, 2023, the Court of Justice of the European Union (CJEU) ruled that the data subject’s right of access to personal data requires controllers to provide the data subject with the identity of the companies that...more
Data Transfer from the European Union to the United States is a knotty process. The difficulties were compounded this summer when Europe’s highest court held the “Privacy Shield” program enabling U.S-E.U. data transfers...more
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
More than 60 U.S. and global data protection authorities and governmental agencies have issued guidance on health data collection, COVID-19 diagnosis disclosure, work-at-home practices, and return-to-work approaches. The...more
In the wake of an alarming exposé published by The New York Times in January, Clearview AI, Inc., a New York startup, faces a slew of lawsuits. Since the article’s publication, the Vermont Attorney General filed a complaint...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
After its implementation in May 2018, the European Union General Data Protection Regulation (GDPR) continues to dominate headlines in many industries, including technology. On September 25, 2018, Facebook discovered a...more
“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy. ...more
At Mitratech, I work in the division of the company that develops solutions in the areas of governance, risk, and compliance (GRC). At first blush to an outsider, this may not sound very exciting and might even sound somewhat...more
Overview (10. – 6.) - 10. The European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. It applies to the processing of “personal data” of EU citizens and residents (a/k/a “data...more
This article is Part 4 of our series on the GDPR for U.S.-based companies. Part 1 assisted U.S.-based companies in determining whether the GDPR applies to them; Part 2 provided an overview of the GDPR’s key concepts and...more
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) took effect. Although EU laws typically don’t have a worldwide impact, the GDPR will impact business across the globe. The GDPR has an extremely...more
Although the GDPR comes into effect on May 25, 2018, the breadth of its reach will continue to develop long after its effective date. Domestic companies should be aware that the rules will likely change over time. While this...more
The EU’s General Data Protection Regulation (GDPR) goes into effect on May 25th. As most organizations are aware, the GDPR applies not only to EU businesses but also many companies in the U.S. While the deadline is quickly...more
On May 25, 2018, the European Union (“EU”) will implement the most robust regulation of privacy data that the digital world has ever seen—commonly known as the General Data Protection Regulation, or “GDPR.” The GDPR is the...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
In a recent landmark decision, Maximillian Schrems v. Data Protection Commissioner, Europe’s highest court struck down a US-EU agreement that allowed companies to move personal electronic data between the European Union and...more
A major European court has just pulled the rug out from under nearly 5,000 US companies, snatching away the relative business certainty of the Data Transfer Safe Harbor, and maybe the safety of standard contract clauses and...more
As I reported earlier today, the Court of Justice of the EU (ECJ) has declared Safe Harbor invalid. The full decision is now available online in English (other languages also available at curia.europa.eu by searching on...more
The initial reports of the ECJ’s decision in the Schrems Safe Harbor case (C-362/14) indicate that the Court of Justice of the EU has declared Safe Harbor invalid and sent the case back to the Irish Data Protection Authority...more
In a non-binding opinion issued on September 23, 2015, an Advocate General for the European Court of Justice (“ECJ”) recommended that the ECJ suspend the U.S.-EU Safe Harbor program (“Safe Harbor”) and reexamine whether the...more
On September 23, 2015, Advocate General Yves Bot advised the European Court of Justice that the US-EU Safe Harbor framework for the protection of trans-Atlantic transfers of personal data is invalid. The long awaited Opinion...more
Does your company rely on Safe Harbor to transfer personal data from Europe to the US? If so, it’s time to think about alternatives to Safe Harbor – and fast....more