Let’s say you are an EU company. You engage a processor. Data is processed in the EU. There is no transfer. But in the processor-sub-processor data processing agreement, the data processor reserves the right to disclose...more
On October 9, 2020, there were media reports that the French Data Protection Authority (CNIL) had expressed concerns regarding the hosting by Microsoft (EU) of the French centralized public health database (the Health Data...more
Last month the UK-US Bilateral Data Access Agreement (“Agreement”) came into effect. It is the first agreement to be put in place under legislation introduced to address contemporary challenges to data-gathering by domestic...more
UK law enforcement can now obtain an order against a person in or operating in the US for the production of or access to electronic data under a new ‘landmark’ US-UK data sharing agreement. The agreement has been heralded...more
This Update highlights key legal and policy developments in cybersecurity and privacy law that may impact important trends for 2019 and beyond. A central takeaway from 2018 is that regulators in the U.S. and abroad are...more
Many organizations that transfer data from the European Economic Area (EEA), including the European Union (EU), or Switzerland (which operates as a sovereign nation independent of the EU and EEA) to the United States of...more
On June 12, 2018, following its extraordinary meeting the day before in Strasbourg, the European Parliament’s Civil Liberties, Justice and Home Affairs Committee (“LIBE”) called on the European Commission (“Commission”) to...more
The Situation: To strengthen cross-border cooperation in investigations, the European Commission has proposed legislation allowing EU Member State authorities to access, directly from services providers, electronic evidence...more