NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In this episode, Thomas Nietsch, a partner in our Berlin office, sits down with Jelena Kljujic (Privacy Officer at Cisco, EMEA) and Gabriela Mercuri (Managing Director at Scope Europe) to discuss strategies for ensuring...more
Hogan Lovells and Privacy Laws & Business have submitted a joint memorandum to data protection leaders in the EU and the UK advocating for a common framework for Binding Corporate Rules (BCR). The memorandum, submitted to the...more
You are an American company. While you sell product or otherwise interact with Europe, and thereby collect personal information about European residents, you have no assets or facilities on that continent. Nonetheless, you...more
Global organizations need a clear, legal means to share data across borders, whether to conduct day-to-day business, comply with government regulations, perform under a contract, respond to lawsuits, or simply communicate and...more
On December 19, 2019, in the Facebook Ireland and Schrems (Schrems 2.0) case, the Advocate General (AG) to the European Court of Justice (ECJ)—European Union's highest court—opined that the EU Standard Contractual Clauses...more
On July 9, 2019, the European Court of Justice (ECJ)—the highest court of the European Union—will hear oral arguments in the Schrems 2.0 case relating to the validity of two key data transfer mechanisms: the Standard...more
1. Binding Corporate Rules To Facilitate Intragroup Data Transfer - Personal data is meant to circulate without boundaries inside the European Union (EU). The General Data Protection Regulation (GDPR) subjects personal...more
I. Les BCR pour faciliter les transferts intra-groupes - Les données personnelles ont vocation à circuler sans s’arrêter aux frontières de l’Union européenne (« UE »). Aussi, le règlement général sur la protection des...more
Why does this topic matter to organisations? In today's world, it is increasingly important to be able to move data freely to wherever those data are needed. However, the transfer of personal data to recipients outside the...more
The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more
In the United States companies are permitted to transfer personal information – including sensitive personal information – as needed between their offices, locations, and corporate affiliates. For example there are no...more
As a result of the June 23, 2016 historic referendum, the United Kingdom will be leaving the EU. The decision will have a profound effect on many areas, including the global economy, trade, immigration and, potentially, the...more
European privacy law is a bold new world for U.S. businesses doing business in Europe. An October Court of Justice ruling struck down the Safe Harbor arrangement which had governed E.U.-U.S. data transfer transactions for...more
Directive 95/46/EC of 24 October 1995 - Articles 25 and 26 - The transfer of personal data to a third country is allowed: ..if the third country ensures an adequate level of protection; the Commission can...more
Businesses have two years to comply with Europe’s new privacy regime. On 24 May 2016, after more than four years of debate, the General Data Protection Regulation (GDPR, or the Regulation) enters into force. The GDPR...more
Let’s say an American commercial litigator is working to defend a multinational client that has been sued in the U.S. The litigator may realize that he or she needs to collect emails or other documents from the client’s...more
The following provides background concerning the approved Binding Corporate Rules ("BCR") procedure. BCRs are in-kind privacy rules and standards that allow multinational groups of companies to transfer personal data within...more
There’s no doubt businesses in the EU and US would breathe a sigh of relief if a new Safe Harbor agreement is put in place between before European data protection authorities start prosecuting companies for potentially...more
On December 15, 2015, the European Union reached an agreement on the final text of the new General Data Protection Regulation. The Regulation will replace the 1995 Data Protection Directive, which is currently the basis for...more
One month after the landmark decision in Schrems vs. Data Protection Commissioner (C-365/14), the European Commission (Commission) has issued guidelines, in the form of a Communication, regarding the transfer of personal data...more
On November 6, 2015, the European Commission (“EC”) released guidance on transatlantic data transfers in light of the ruling by the European Court of Justice (“ECJ”) last month invalidating the Safe Harbor framework that had...more
On October 6, 2015, the European Court of Justice (ECJ), abolished the 15 year old Safe Harbor agreement between the EU and the U.S. Over 5,000 businesses have relied on the Safe Harbor to receive personal data from EU member...more
Like a needle to a balloon, the Schrems decision has drastically altered the data privacy landscape. Who is affected? Everyone – consumers, corporations, employees. But who needs to take action? Any company with offices in...more
On November 6, 2015, the European Commission released a widely-anticipatedCommunication assessing the impact of the judgment of the European Court of Justice (“ECJ”) in the Schrems case (C-362/14), which invalidated the...more
With EU-U.S. data transfer scheme Safe Harbor being found to be “invalid” recently by Europe’s top court, pressure has increased on U.S. and EU officials to put aside differences and see if an alternative 2.0 scheme could be...more