NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Summary - In its judgement of 11 July 2024 (C-757/22), the European Court of Justice (‘ECJ’) ruled that the violation of a controller’s information obligations under Art. 12 and 13 GDPR, can be subject to a representative...more
On March 7, 2024, the European Court of Justice (CJEU) issued a landmark ruling on digital advertising and the concepts of personal data and joint controllership under the General Data Protection Regulation (GDPR)....more
If Washington State’s My Health My Data Act (“MHMDA”) “turned the beat around” on drug and device makers, then the Schrems I and II decisions by the European Court of Justice had companies on both sides of the Atlantic...more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
Key Point: The European Commission has adopted an adequacy decision for the EU-U.S. Data Privacy Framework, which allows certain businesses to transfer data from the EU to the U.S. without the need for additional transfer...more
On July 10, 2023, the European Commission concluded that the US ensures an adequate level of protection for personal data transferred from the European Union to US companies under the new EU-US Data Privacy Framework. Based...more
On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo announced that the U.S. fulfilled its commitments that were prerequisites to the implementation of the EU-U.S. Data Privacy Framework (Framework). These steps are...more
At the end of June, the European Data Protection Board (EDPB) published its Recommendations (Recs) on Binding Corporate Rules (BCRs). Among other things, the Recs require existing and in process BCRs to: - Incorporate...more
A Fresh Perspective on Data Protection and Damages - Opening statements by Peter Hense at a University of Vienna panel titled "EU Future Talks, Non-Material Damages for GDPR Violations: Quo Vadis Österreichische Post...more
Für alle Personalverantwortlichen gibt es spannende Neuigkeiten aus dem Bereich Beschäftigtendatenschutz: Aufgrund einer Entscheidung des EuGH (Urteil vom 30. März 2023, C 34/21) könnte § 26 BDSG, die zentrale deutsche Norm...more
U.S. Government Releases Guide of ‘Minimum Baseline’ Cybersecurity Practices for Protecting Critical Infrastructure - The Cybersecurity & Infrastructure Security Agency (“CISA”) has released a guide to help organizations...more
As we wrote in July 2020, the European Court of Justice issued a landmark decision that invalidated the Privacy Shield as untenable under the European General Data Protection Regulation (GDPR). The decision sparked...more
While claims for damages in the event of data protection violations have theoretically existed for some time, they have been gaining in importance since the introduction of the General Data Protection Regulation ("GDPR")....more
On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (“EO”). The EO lays ground for the long-awaited successor to the EU-U.S. Privacy...more
Privacy law 101 includes a simple but important basic concept that organizations may only use personal information they collect for what they say they will, and how they say they will. According to the Federal Trade...more
On March 25, 2022, U.S. President Joe Biden and European Commission President Ursula von der Leyen announced that the U.S. and the EU have reached a political agreement in principle on a new Trans-Atlantic Data Privacy...more
NGE Corporate & Securities partner John Koenigsknecht recently interviewed Data Privacy & Information Governance partner David Wheeler about the new standard contractual clauses and the complex task of assessing and...more
Last year, the COVID-19 pandemic brought about a global market disruption across multiple industries, and manufacturers expect the pandemic to continue to affect the automotive industry through 2021. The pandemic has not...more
Is it hyperbolic to say that never before have we seen a quieter, yet more anticipated and welcome end to a year than in 2020? For some, 2020 is a year the sooner forgotten, the better. In data privacy and security law, a lot...more
Melina Efstathiou of Eversheds joins Bill and Rob to discuss this summer’s surprise decision by the European Court of Justice invalidating the EU-US Privacy Shield. The three will also dive into the current state of other...more
The Belgian Data Protection Authority (DPA) has published brief guidance concerning the European Court of Justice (ECJ) judgement on the European Commission’s adequacy decision provided by the EU-US data Privacy Shield...more
Cross-border and international discovery can be complicated. And the recent invalidation of the EU-U.S. Privacy Shield Program by the European Union Court of Justice in Irish Data Protection Commissioner v. Facebook Ireland...more
There is a lot going on in the world right now—and the world of data privacy is no exception. Here is a snapshot of what’s on our radar: 1. Senators Jeff Merkley and Bernie Sanders introduced the National Biometric...more
The Court of Justice of the European Union (CJEU) sent shockwaves through the privacy community last week. As Jonathan Armstrong of Cordery explains in this podcast, it put an effective end to the Privacy Shield because of...more
On Thursday, July 16, the European Court of Justice (ECJ) ruled that the EU-US Privacy Shield is invalid. The ruling stems from the complaints filed with the Irish supervisory authority by Max Schrems regarding the transfer...more