No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Life With GDPR - Data Transfer Update
Life with GDPR - Data Transfers from EU/UK to US
Everything Compliance - The Elon Etc Edition
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
On May 14, 2025, the European Data Protection Board ("EDPB") issued a favorable opinion on granting a six-month extension to the existing adequacy decisions for the UK, following a formal proposal from the European...more
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
In politically uncertain times, is your organisation’s data transfer compliance unquestionable? The EU-U.S. Data Privacy Framework (DPF) serves as a useful mechanism for transatlantic data transfers, and it can assist...more
As 2025 progresses, one thing is clear—GDPR enforcement is not slowing down. In fact, regulators across Europe are intensifying their scrutiny, handing out significant fines and even warning executives of potential personal...more
In the ever-evolving landscape of data protection and privacy, the General Data Protection Regulation (GDPR) stands as the most significant legislative framework for processing personal data. Known for its extraterritorial...more
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) has issued a €290 million fine to Uber for violating the EU’s General Data Protection Regulation (GDPR)....more
Last month, the European Data Protection Board – which is composed of the national data protection authorities (‘Supervisory Authorities’) of the countries in the European Economic Area (‘EEA’), as well as the European Data...more
Quick Hits Schrems II Recap Most people are now familiar with the Schrems II requirements to “know your transfers” and to protect personal data when such information is subject to processing (including remote access to...more
A new report issued in May 2024 by the Centre for European Policy Studies (CEPS), an independent thinktank, is the latest installment to cast concerns over the EU-U.S. Data Privacy Framework (DPF), predicting that it will...more
Theodore Christakis, Professor of International Law at the University Grenoble Alpes and Senior Fellow and Director of Research for Europe at the Cross-Border Data Forum, has published a new comprehensive analysis on...more
Welcome to the January 2024 edition of the Jenner & Block Japan Newsletter, a publication containing updates about legal developments in the United States that may be noteworthy to our clients and other leaders in the...more
On the heels of the EU-US Data Privacy Framework (DPF), another bridge has been built across the Atlantic to streamline data transfers between businesses. In July, the European Commission adopted its much-anticipated...more
On July 10, 2023, the European Commission (the “Commission”) adopted an adequacy decision for the EU-U.S. Data Privacy Framework (the “Framework”). The Framework provides companies that opt in with a legitimate means of...more
After years of uncertainty in the privacy rules governing transfer of data from the EU to the U.S., the new transatlantic data privacy framework has finally been adopted. On July 10, the European Commission formally adopted...more
Updated June 2023 - The BCLP Data Privacy & Security team is tracking EU law developments relevant to data and cyber security. This tracker summarizes the effect and status of the following: the Digital Services Act, the...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
Join us for a webinar where we will focus on the details of the recently finalised and published Executive Order to Implement the European Union-U.S. Data Privacy Framework. Alongside Alex Brown of UK-headquartered...more
President Biden signed a new executive order on Friday, with a framework that seeks to replace the existing Privacy Shield program. That program was found to be an invalid mechanism for transferring personal data between the...more
...This session, led by industry-acknowledged experts in areas ranging from data protection and privacy to data transfer and legal discovery, provided a professional forum for the explanation of the best approaches,...more
After two-plus years of mostly attending CLEs, webinars, and other knowledge-building events via Zoom, Teams or some other virtual platform, it was great to get together with like-minded privacy professionals in Washington,...more
President Biden and EU leaders announced on March 25, 2022 an agreement in principle to craft a replacement for the Privacy Shield and expand options for trans-Atlantic data transfers in accordance with the General Data...more
Let’s say you are an EU company. You engage a processor. Data is processed in the EU. There is no transfer. But in the processor-sub-processor data processing agreement, the data processor reserves the right to disclose...more
What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision and why is it important for both GDPR companies and CPRA, CDPA, CPA and UCPA companies:... ...more
The concept of a “transfer” under Chapter V of the GDPR has always been a bit like obscenity. We didn’t have an authoritative definition, but with apologies to the late Justice Potter Stewart, we knew it when we saw it. And...more
The EDPB releases guidelines to clarify a simple but surprisingly confusing question, "What is a data transfer under the GDPR?" In light of the new guidelines, businesses should review potential transfer activities and ensure...more