NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
NGE Corporate & Securities partner John Koenigsknecht recently interviewed Data Privacy & Information Governance partner David Wheeler about the new standard contractual clauses and the complex task of assessing and...more
The guidance outlines how organisations should approach international transfers and confirms examples of supplemental measures that can be adopted to ensure ongoing compliance and seeking to de-mystify earlier uncertainty. ...more
This past July, a decision by the European Court of Justice (ECJ) struck down the European Union-United States Privacy Shield framework (EU-U.S. Privacy Shield), one mechanism through which companies could transfer personal...more
Last week started and ended with big announcements in the privacy world. At the end of the week, on August 14th, the regulations implementing the California Consumer Privacy Act of 2018 (CCPA) were finally declared final -...more
On July 16, 2020, the Court of Justice of the European Union (“ECJ”), EU’s highest court, issued a judgment which (i) immediately invalidated the EU – U.S. Data Privacy Shield Framework (“Privacy Shield”)1 and (ii) maintained...more
On December 19, 2019, in the Facebook Ireland and Schrems (Schrems 2.0) case, the Advocate General (AG) to the European Court of Justice (ECJ)—European Union's highest court—opined that the EU Standard Contractual Clauses...more
The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more
There was a new and potentially significant development this week in the Irish courts that could mark the start of a fundamental change in the field of privacy law and the transfer of personal data from the European Union to...more
The European Commission recently determined that the Privacy Shield Framework is adequate to legitimize data transfers under EU law, providing a replacement for the Safe Harbor program. The Privacy Shield is designed to...more
The EU Data Protection Directive 95/46/EC (the “Directive”) creates the legal framework for the national data-protection laws in each EU member state. The Directive states that personal data may only be transferred to...more
When the European Court of Justice first invalidated the Safe Harbor we recommended here that, for most companies, staying the course by implementing general data security best practices was probably the right thing to do...more
European privacy law is a bold new world for U.S. businesses doing business in Europe. An October Court of Justice ruling struck down the Safe Harbor arrangement which had governed E.U.-U.S. data transfer transactions for...more
The European Union Article 29 Working Party (Article 29) issued an opinion on the proposed EU-U.S. Privacy Shield framework agreement (Privacy Shield) last week, stating that although the Privacy Shield was a “great step...more
With the Article 29 Working Party’s position on the adequacy of the EU-U.S. Privacy Shield framework agreement (Privacy Shield) decision expected this week, U.S. businesses should be evaluating privacy options and preparing...more
Let’s say an American commercial litigator is working to defend a multinational client that has been sued in the U.S. The litigator may realize that he or she needs to collect emails or other documents from the client’s...more
On February 2, 2016, the European Commission (EC) and the U.S. Department of Commerce (Commerce) announced that they had reached agreement on a new data transfer safe harbor arrangement for the transfer of personal data from...more
Earlier this week, the European Commission announced that a “political” agreement has been reached on a new framework for data flows from the EU to the US. The announcement highlights a few changes from the old Safe Harbor...more
Crucial decision by Working Party 29 expected February 3, 2016 on validity of Standard Contractual Clauses and Binding Corporate Rules for data transfers to U.S. Following the judgement of the European Court of Justice...more
There’s no doubt businesses in the EU and US would breathe a sigh of relief if a new Safe Harbor agreement is put in place between before European data protection authorities start prosecuting companies for potentially...more
On 11 September, TeliaSonera and Telenor have abandoned the proposed merger of their business units in Denmark. The contemplated transaction would have resulted in the establishment of a joint venture active in the provision...more
In the wake of the European Court of Justice’s (“CJEU”) landmark decision of Schrems v. Data Protection Authority earlier this month, the EU Justice Commissioner Vera Jourova announced this week that the EU has “agreed in...more
In the weeks since the October 6, 2015, Court of Justice of the European Union decision (“CJEU Decision”) that invalidated the EU-U.S. Safe Harbor framework, companies have been faced with the quandary of establishing legal...more
Last week, the Vienna Higher Regional Court ruled that most of Max Schrems’ claims against Facebook can proceed, including his claim that Facebook improperly allowed his personal information to be shared with the National...more
Following the landmark judgment of the CJEU on 6 October 2015, which declared the U.S.-EU Safe Harbor scheme invalid and allowed national supervisory authorities to evaluate whether an adequate level of protection is provided...more
An early Position Paper of the German data protection authority of Schleswig-Holstein on the Schrems Judgment of the Court of Justice of the European Union (ECJ) gave little hope for practical alternatives to Safe Harbor. On...more