On March 22, 2024, the Cyberspace Administration of China (CAC) published the Regulations on Promoting and Regulating Cross-border Data Flow (the “Regulations”), effective immediately. The Regulations supplement China data...more
The White House announced that President Biden will sign an executive order designed to protect sensitive data of U.S. persons from exploitation by identified countries of concern. This executive order is expected to be...more
Entities registered with the U.S. Securities & Exchange Commission (SEC) must maintain certain books and records and can be subject to the SEC’s examination, inspection, and enforcement authority. Responding to SEC requests...more
On August 24, 2020, the data protection authority of the German state of Baden-Württemberg (the “DPA”) published guidance (the “Guidance”) on international transfers of personal data following the Schrems II judgment....more
This morning, Germany’s Federal Data Protection Authority (DPA) announced that the European Data Protection Board (EDPB) has finalized an initial set of FAQs on international transfers in light of the recent Schrems II...more
The European Court of Justice (ECJ) issued its much-anticipated decision in the Schrems II case. As we analyze in detail in an earlier blog post, the ECJ’s decision invalidates Privacy Shield while leaving Standard...more
In late 2015, the European Court of Justice (ECJ) issued its initial Schrems decision, invalidating the EU/US Safe Harbor and leading to important developments in the rules for transferring personal data from the EU to the...more
Most privacy professionals are familiar with the European Court of Justice’s 2015 Schrems decision, which struck down the US-EU Safe Harbor mechanism. One lesser-discussed aspect of the ECJ’s decision related to the powers...more
Late last week, 10 of Germany’s 17 Data Protection Authorities (DPAs) announced they are planning to send written questionnaires to approximately 500 different companies regarding international data transfers. The following...more
Just over two weeks ago, the European Commission formally adopted the US-EU Privacy Shield. As part of making Privacy Shield accessible to EU residents, the Commission has long planned to issue a “Citizen’s Guide” to the...more
Today, the European Commission (“EU Commission”) formally approved a new transatlantic framework for the transfer of personal data from Europe to the United States (“U.S.”) (the “Privacy Shield”). Under the EU Commission’s...more
One of the most important EU legislative initiatives in recent years, and a landmark in privacy regulation worldwide, the GDPR is set to replace the Data Protection Directive (95/46/EC) of 1995. After the Council of...more
Last week, we reported that the Council of Ministers accelerated the timetable for passage of the General Data Protection Regulation (GDPR). The European Parliament followed suit and approved the GDPR this morning. As a...more
On April 13, 2016, the Article 29 Working Party (“Art. 29 WP”) held a press conference at which it presented its forthcoming opinion on the adequacy of the US-EU Privacy Shield....more
Several hours after holding a closely-watched press conference we reported on yesterday, the Article 29 Working Party (“Art. 29 WP”) released its highly anticipated formal opinion on the adequacy of Privacy Shield. Background...more