Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
10/15/2024
/ CNIL ,
Consent ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Retention ,
Enforcement Actions ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Sensitive Personal Information
A new report issued in May 2024 by the Centre for European Policy Studies (CEPS), an independent thinktank, is the latest installment to cast concerns over the EU-U.S. Data Privacy Framework (DPF), predicting that it will...more
The UK and U.S. Governments have now formalized the UK-U.S. Data Bridge. The U.S. Attorney General designated the UK as a “qualifying state” for the purposes of the Executive Order 14086 on September 18, 2023, and the UK...more
U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States.
U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
7/27/2023
/ BCRs ,
Data Integrity ,
Data Privacy ,
Data Security ,
Department of Transportation (DOT) ,
Enforcement ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Self-Certification ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
The guidance outlines how organisations should approach international transfers and confirms examples of supplemental measures that can be adopted to ensure ongoing compliance and seeking to de-mystify earlier...more
6/30/2021
/ Binding Corporate Rules ,
Corporate Counsel ,
EU-US Privacy Shield ,
European Court of Justice (ECJ) ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Guidance ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK ,
UK GDPR
Just one day before New Year’s Eve, EU Commission President Ursula von der Leyen, EU Council President Charles Michel and UK Prime Minister Boris Johnson finally signed the EU-UK Trade and Cooperation Agreement.
Effective as...more
1/4/2021
/ Corporate Counsel ,
Data Collection ,
Dispute Resolution ,
Energy Sector ,
EU ,
Exports ,
Financial Services Industry ,
Free Trade Agreements ,
General Data Protection Regulation (GDPR) ,
Imports ,
Paris Agreement ,
Personal Data ,
Popular ,
Tariffs ,
UK ,
UK Brexit
Trans-Atlantic transfer scheme relied on by thousands of EU and U.S. organisations to transfer personal data from the EU to the U.S. deemed invalid by the Court of Justice of the European Union (CJEU).
Privacy Shield has...more
7/17/2020
/ Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
EU ,
EU-US Privacy Shield ,
Executive Orders ,
FISA ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Safe Harbors ,
Standard Contractual Clauses
DPC has echoed concerns of other regulators around the use of tracking, analytics and marketing cookies by companies.
The Irish Data Protection Commission has issued new cookies and tracking Guidance and a Report following...more
This guide has been compiled to give an overview of the rudimentary legal aspects that should be considered by anyone thinking of establishing a business in the UK. It is aimed at businesses that may already be established in...more
1/27/2020
/ Board of Directors ,
Business Assets ,
Business Development ,
Business Entities ,
Business Formation ,
Capital Formation ,
Capital Gains ,
Corporate Governance ,
Data Breach ,
Data Processors ,
Data Protection ,
Debt Collection ,
Employer Liability Issues ,
Employment Tax ,
Foreign Workers ,
General Data Protection Regulation (GDPR) ,
Insolvency ,
Intellectual Property Protection ,
International Data Transfers ,
Libor ,
Personal Data ,
Privacy Laws ,
Real Estate Transactions ,
Shareholders ,
Startups ,
UK ,
UK Brexit ,
Value-Added Tax (VAT)
Similarities aside, there are significant differences between the two privacy laws.
The CCPA grants rights to individuals who are residents of California under a definition used for income tax purposes....more
How will the new European Union data protection law affect U.S. nonprofit organizations?
Nonprofit organizations based in the U.S. can often handle large amounts of data which originates in the EU—for example, they may...more
4/24/2018
/ Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Nonprofits ,
Notice Requirements ,
Personal Data ,
Personally Identifiable Information ,
Risk Management ,
Websites
NHS and social care organisations in the UK are being encouraged to take a fresh look at public cloud services given the myriad benefits of doing so.
The guidance is timely given the coming into force of the GDPR in May,...more
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing...more
Those of us who have been grappling with how best to approach GDPR compliance in outsourcing and other commercial contracts will be all too familiar with Article 28 of the GDPR, which sets out a number of minimum contract...more
With the August 1st start of the Privacy Shield, the European Commission’s new and long-awaited transatlantic data transfer agreement with the U.S., businesses that had previously relied on the invalidated Safe Harbor scheme...more
8/16/2016
/ Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Protection Authority ,
Department of Justice (DOJ) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Model Contracts ,
Personal Data ,
U.S. Commerce Department ,
US Department of State ,
US-EU Safe Harbor Framework
The final text of the significant new EU General Data Protection Regulation (GDPR) has now been published (4 May 2016) in the Official Journal of the European Union. This means the clock is now ticking for the sweeping new...more
On February 2, 2016, the European Commission and the U.S. Department of Commerce reached an accord on a new transatlantic data transfer protocol. Nicknamed the EU-U.S. Privacy Shield, the framework would replace the...more
The Court of Justice of the European Union (CJEU) has been very busy in recent weeks re-shaping EU privacy laws. In addition to the much-anticipated decision in “Schrems” (Case C-362/14), which essentially rules the US-EU...more
10/29/2015
/ Compliance ,
Cybersecurity ,
Data Protection ,
Debt Collection ,
European Commission ,
European Court of Justice (ECJ) ,
Hungary ,
International Data Transfers ,
Member State ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Sanctions ,
US-EU Safe Harbor Framework
Europe’s top court ruled that U.S. companies relying upon the “Safe Harbor Framework” data sharing regime to maintain information regarding EU citizens is “invalid.” This means that any company relying upon the Safe Harbor...more
10/8/2015
/ Binding Corporate Rules ,
Data Protection ,
European Court of Justice (ECJ) ,
International Data Transfers ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
PRISM Program ,
Privacy Policy ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework