The UK is poised to reshape its data protection landscape with the introduction of the UK Data (Use and Access) Act (the "DUA Act"). As one of the most significant reforms in UK data law since the GDPR came into effect, the...more
On July 10, 2023, the European Commission formally approved the EU-U.S. Data Privacy Framework (“DPF"). You can view our brief video discussion about the DPF or read our initial update.
Companies that maintained their...more
The European Commission today approved the long-awaited framework for data transfers to the United States. What is the decision about? Today's decision means that organisations subject to the GDPR can benefit from an adequacy...more
Section 702 of the Foreign Intelligence Surveillance Act (“FISA”) has been a looming presence in the European privacy landscape since Edward Snowden first leaked the PRISM files in 2013. Surveillance authorized under FISA 702...more
Update: UK international data transfer agreement and UK addendum to the EU standard contractual clauses now in force In February, the Information Commissioner’s Office (“ICO”), the United Kingdom (UK) data protection...more
In February 2022, the United Kingdom (UK) Information Commissioner’s Office (“ICO”), along with the data protection authority (“DPA”) in the UK, published three new documents ("UK Documents") which update the UK's position on...more
The Austrian data protection authority (Österreichische Datenschutzbehörde; Austrian DPA) recently ruled that the use of Google Analytics violated Chapter V (transfers of personal data to third parties) of the EU General Data...more
2/3/2022
/ Australia ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Google ,
International Data Transfers ,
Schrems I & Schrems II
Orrick's Cyber, Privacy & Data Innovation and IP Licensing & Technology Transactions groups cover the top 10 things you need to know about the new Standard Contractual Clauses ("SCCs") published today by the European...more
6/7/2021
/ Corporate Counsel ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Model Clauses ,
Model Contracts ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK ,
UK ICO
On November 11, 2020, the European Data Protection Board (EDPB) published its long-awaited guidance on what parties to international data transfers should be doing to perform such transfers in a manner compliant with the...more
The European Court of Justice (CJEU) published its highly anticipated judgement in the case of Data Protection Commissioner Ireland v Facebook Ireland Limited, Maximillian Schrems, colloquially known as “Schrems 2.0”. There...more
7/17/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Safe Harbors ,
Standard Contractual Clauses