Despite the overall political uncertainty about Brexit, worries about a sudden stop to personal data transfers from the UK to the US are misplaced, deal or no deal. There is, in fact, a plan, and it’s a reasonable, practical...more
Even president-elect Donald Trump has been the victim of a data breach. Several times actually. The payment card system for his Trump Hotel Collection was infected by malware in May 2014 and 70,000 credit card numbers were...more
I. Introduction: Privacy Shield to Go Live August 1 (at Last) -
The replacement for Safe Harbor is finally in effect, over nine months after Safe Harbor was struck down by the Court of Justice of the EU in the Schrems...more
7/25/2016
/ Consent ,
Data Protection Authority ,
Data Security ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Notice Requirements ,
Personal Data ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
Carrie,
A couple of weeks ago, you wrote me about an employee who will be engaging in a six-month temporary assignment around Europe to scope market opportunities. The employee was Abbie Absent-Minded. Well, we hit a...more
6/2/2016
/ Breach Notification Rule ,
Customer Lists ,
Data Breach ,
Data Security ,
Employer Liability Issues ,
Encryption ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Laptop Computers ,
Personal Data ,
UK
The general definition of “personal information” used in the majority of statutes is: An individual’s first name or first initial and last name plus one or more of the following data elements: (i) Social Security number, (ii)...more
EU Commissioner Vera Jourova recently announced in a speech to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) that the Commission and the US have made substantial progress in finalizing a...more
10/28/2015
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
Enforcement ,
EU ,
EU Data Protection Laws ,
European Commission ,
Facebook ,
Germany ,
Google ,
International Data Transfers ,
LIBE ,
Model Contracts ,
National Security Agency (NSA) ,
Personal Data ,
SCC ,
Schrems I & Schrems II ,
Surveillance ,
US-EU Safe Harbor Framework
The EU Parliament committee that is charged with considering data protection matters (LIBE) has issued a press release calling on the European Commission to take action before the end of 2015 to come up with alternatives to...more
10/14/2015
/ Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
LIBE ,
National Security Agency (NSA) ,
Personal Data ,
Prior Express Consent ,
SCC ,
Schrems I & Schrems II ,
Surveillance ,
US-EU Safe Harbor Framework
As I reported earlier today, the Court of Justice of the EU (ECJ) has declared Safe Harbor invalid. The full decision is now available online in English (other languages also available at curia.europa.eu by searching on...more
10/6/2015
/ Binding Corporate Rules ,
Data Controller ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Informed Consent ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Prior Express Consent ,
US-EU Safe Harbor Framework
The initial reports of the ECJ’s decision in the Schrems Safe Harbor case (C-362/14) indicate that the Court of Justice of the EU has declared Safe Harbor invalid and sent the case back to the Irish Data Protection Authority...more
10/6/2015
/ Binding Corporate Rules ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Informed Consent ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Personally Identifiable Information ,
Prior Express Consent ,
PRISM Program ,
UK ,
US-EU Safe Harbor Framework
The European Court of Justice (ECJ) has announced that it will release its decision in the Schrems Safe Harbor case on Tuesday, October 6. It is highly unusual for the ECJ to issue a decision so quickly after publication of...more
Does your company rely on Safe Harbor to transfer personal data from Europe to the US? If so, it’s time to think about alternatives to Safe Harbor – and fast....more
9/23/2015
/ Binding Corporate Rules ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Informed Consent ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Personally Identifiable Information ,
UK ,
US-EU Safe Harbor Framework ,
Young Lawyers
Giovanni Buttarelli, the European Data Protection Supervisor (EDPS), recently announced the formation of a new external Ethics Board that will do a deep dive into the complex ethical issues that surround the use of personal...more