The European Union’s new AI Act (the Act) went into efect on 1 August 2024. The Act is the first-ever comprehensive law focused on artifcial intelligence and machine learning (collectively, AI). The Act impacts many...more
The last few years have thrown many surprises at businesses. Organizations across all sectors have faced inflation, global conflicts, supply chain challenges, a pandemic, and continually changing government policies. In 2023,...more
1/23/2023
/ Automotive Industry ,
Capital Markets ,
Cryptocurrency ,
Energy Sector ,
EU ,
False Claims Act (FCA) ,
FDIC ,
Financial Services Industry ,
FinTech ,
Food and Drug Administration (FDA) ,
Life Sciences ,
Tax Credits
The European Commission has finally approved two decisions on 28 June granting the United Kingdom the cherished status of having “adequate” data protection laws so that transfers of personal data from the European Union are...more
Following the Schrems II decision last year, there have been many questions about the status of international data transfers between the European Union and United States. The European Commission (the Commission) has now...more
The European Data Protection Board (EDPB) has finally released its much anticipated guidance following the Schrems II decision in July 2020, which invalidated the "Privacy Shield" system that allowed the transfer of personal...more
The Court of Justice of the European Union (ECJ) has finally issued its decision on the validity of standard contractual clauses (SCCs) in the Irish Data Protection Commissioner’s referral to the ECJ for an opinion on the...more
7/20/2020
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ireland ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The European General Data Protection Regulation, which will come into force on May 25, 2018, requires companies, including investment managers, funds, banks, and broker-dealers, with operations in Europe or information about...more
4/18/2018
/ Banks ,
Broker-Dealer ,
Data Breach ,
Data Protection ,
EU ,
Financial Conduct Authority (FCA) ,
Financial Institutions ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Investment Management ,
Personal Data ,
UK
The GDPR will apply to the UK when it is effective on May 25, 2018, but the government will need to adopt domestic data privacy legislation upon the UK’s pending exit from the EU....more
3/22/2017
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular ,
UK ,
UK Brexit ,
UK Data Protection Act
The EU-US Privacy Shield—successor to the invalidated Safe Harbor program for transatlantic transfers of EU personal data—was finally approved on July 12, 2016....more
Following the United Kingdom’s nonbinding vote to leave the European Union (“Brexit”), what do businesses need to consider for data privacy compliance?...more
Passage of the Act facilitates two data-sharing agreements between the European Union and United States that will improve transatlantic business, privacy, and security.
On February 24, the Judicial Redress Act of 2015...more
The new EU-US Privacy Shield seeks to address the European Court of Justice’s criticisms in Schrems after the decision invalidated the Safe Harbor program for EU-US data transfers.
On February 29, the EU Commission...more
3/2/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Data Protection Authority ,
Dispute Resolution ,
EU ,
EU-US Privacy Shield ,
European Commission ,
International Data Transfers ,
Schrems I & Schrems II ,
US Department of State ,
US-EU Safe Harbor Framework
The pending legislation would authorize the US Department of Justice to designate foreign countries to allow the citizens of such countries to bring civil actions against certain US agencies to access, amend, or redress...more
A new personal data transfer agreement was announced on February 3, 2016 between EU and US authorities: the EU-US Privacy Shield will replace the invalidated Safe Harbor programme.
Since the landmark decision of the...more
2/4/2016
/ Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
The General Data Protection Regulation places new obligations on businesses to protect personal data with high financial penalties for noncompliance.
The European Commission has confirmed that the new General Data...more
Data transfers can be suspended until investigation is complete.
In Maximillian Schrems v. Data Protection Commissioner (case C-362/14), the Advocate General ruled that EU data protection authorities do have powers to...more
9/28/2015
/ Advocate General ,
Binding Corporate Rules ,
Cloud Computing ,
Data Collection ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
Edward Snowden ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Prior Express Consent ,
Privacy Policy ,
Public Disclosure ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework