Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
You are an American company. While you sell product or otherwise interact with Europe, and thereby collect personal information about European residents, you have no assets or facilities on that continent. Nonetheless, you...more
Global organizations need a clear, legal means to share data across borders, whether to conduct day-to-day business, comply with government regulations, perform under a contract, respond to lawsuits, or simply communicate and...more
On December 19, 2019, in the Facebook Ireland and Schrems (Schrems 2.0) case, the Advocate General (AG) to the European Court of Justice (ECJ)—European Union's highest court—opined that the EU Standard Contractual Clauses...more
1. Binding Corporate Rules To Facilitate Intragroup Data Transfer - Personal data is meant to circulate without boundaries inside the European Union (EU). The General Data Protection Regulation (GDPR) subjects personal...more
I. Les BCR pour faciliter les transferts intra-groupes - Les données personnelles ont vocation à circuler sans s’arrêter aux frontières de l’Union européenne (« UE »). Aussi, le règlement général sur la protection des...more
Why does this topic matter to organisations? In today's world, it is increasingly important to be able to move data freely to wherever those data are needed. However, the transfer of personal data to recipients outside the...more
The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more
In the United States companies are permitted to transfer personal information – including sensitive personal information – as needed between their offices, locations, and corporate affiliates. For example there are no...more
European privacy law is a bold new world for U.S. businesses doing business in Europe. An October Court of Justice ruling struck down the Safe Harbor arrangement which had governed E.U.-U.S. data transfer transactions for...more
Directive 95/46/EC of 24 October 1995 - Articles 25 and 26 - The transfer of personal data to a third country is allowed: ..if the third country ensures an adequate level of protection; the Commission can...more
Businesses have two years to comply with Europe’s new privacy regime. On 24 May 2016, after more than four years of debate, the General Data Protection Regulation (GDPR, or the Regulation) enters into force. The GDPR...more
Let’s say an American commercial litigator is working to defend a multinational client that has been sued in the U.S. The litigator may realize that he or she needs to collect emails or other documents from the client’s...more
The following provides background concerning the approved Binding Corporate Rules ("BCR") procedure. BCRs are in-kind privacy rules and standards that allow multinational groups of companies to transfer personal data within...more
There’s no doubt businesses in the EU and US would breathe a sigh of relief if a new Safe Harbor agreement is put in place between before European data protection authorities start prosecuting companies for potentially...more
On December 15, 2015, the European Union reached an agreement on the final text of the new General Data Protection Regulation. The Regulation will replace the 1995 Data Protection Directive, which is currently the basis for...more
One month after the landmark decision in Schrems vs. Data Protection Commissioner (C-365/14), the European Commission (Commission) has issued guidelines, in the form of a Communication, regarding the transfer of personal data...more
On October 6, 2015, the European Court of Justice (ECJ), abolished the 15 year old Safe Harbor agreement between the EU and the U.S. Over 5,000 businesses have relied on the Safe Harbor to receive personal data from EU member...more
On November 6, 2015, the European Commission released a widely-anticipatedCommunication assessing the impact of the judgment of the European Court of Justice (“ECJ”) in the Schrems case (C-362/14), which invalidated the...more
On 11 September, TeliaSonera and Telenor have abandoned the proposed merger of their business units in Denmark. The contemplated transaction would have resulted in the establishment of a joint venture active in the provision...more
In the weeks since the October 6, 2015, Court of Justice of the European Union decision (“CJEU Decision”) that invalidated the EU-U.S. Safe Harbor framework, companies have been faced with the quandary of establishing legal...more
Last week, the Vienna Higher Regional Court ruled that most of Max Schrems’ claims against Facebook can proceed, including his claim that Facebook improperly allowed his personal information to be shared with the National...more
EU Commissioner Vera Jourova recently announced in a speech to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) that the Commission and the US have made substantial progress in finalizing a...more
On Monday, October 26, European Union Justice Commissioner Vera Jourová delivered a speech before the European Parliament in which she noted that the European Union and the United States had agreed “in principle” on a new...more
Over the course of the coming weeks, we will examine the various options available to companies in light of the European Court of Justice’s (CJEU) decision invalidating the US-EU Safe Harbor framework, including model...more
With EU Safe Harbor Invalidated, Companies Ask: What Now? - What happens now?: That is the question that businesses across the country are asking after the Court of Justice of the European Union (CJEU) threw out the...more