Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
In the ever-evolving landscape of data protection and privacy, the General Data Protection Regulation (GDPR) stands as the most significant legislative framework for processing personal data. Known for its extraterritorial...more
Last month, the European Data Protection Board – which is composed of the national data protection authorities (‘Supervisory Authorities’) of the countries in the European Economic Area (‘EEA’), as well as the European Data...more
On 6 April 2022, following the announcement of the political agreement on a new EU-US Trans-Atlantic Data Privacy Framework having been reached between the European Commission and the United States on 25 March 2022, the...more
The EDPB releases guidelines to clarify a simple but surprisingly confusing question, "What is a data transfer under the GDPR?" In light of the new guidelines, businesses should review potential transfer activities and ensure...more
It is well known that the EU GDPR (specifically, Chapter V) restricts transfers of personal data from the EU to a “third country” (i.e. a jurisdiction outside the EEA) or to an international organisation. But what is meant by...more
On November 18, 2021, the European Data Protection Board (“EDPB”) issued guidelines on the interplay between provisions in the General Data Protection Regulation (“GDPR”) governing scope and applicability and those governing...more
On September 27, 2021, all new contracts that involve cross-border personal data transfers must incorporate the updated standard contractual clauses (“New SCCs”) for controllers and processors. On June 4, 2021, the European...more
Out with the old EU Standard Contractual Clauses (as of September 27th) - Organizations that use the European Union’s Standard Contractual Clauses (SCCs) to govern their transfers of personal data from the European...more
The European Commission adopted new versions of the Standard Contractual Clauses (SCCs) on June 4, 2021. The new SCCs finally replace the original SCCs adopted under the 1998 European Data Protection Directive (DPD) and did...more
Standard contractual clauses (SCCs) are a contract addendum with provisions governing the handling of personal information. The express language of the SCCs has been preapproved by the European Commission (Commission) to be...more
The European Commission’s long-awaited updates to the Standard Contractual Clauses (“SCCs”) have arrived. Data protection lawyers globally have eagerly anticipated these changes, which are necessary to address a legal...more
On June 4, 2021, the European Commission adopted two new sets of standard contractual clauses (SCCs): one for data transfers from data controllers to data processors and one for data transfers from data exporters to data...more
Long-awaited SCCs for EU Data Transfers Adopted by European Commission with 18-month Transition Period - The EU has a cross-border data transfer framework gift for you! On June 4, 2021, the European Commission (“EC”)...more
Ending months of anxious speculation from privacy lawyers around the globe, the European Commission announced on Friday that it had adopted final versions of the new Standard Contractual Clauses (the “New SCCs”) for the...more
The final version of the new standard contractual clauses (“SCCs”) were published by the European Commission on June 4, 2021. Many organizations that transfer or receive personal data originating in the European Economic Area...more
Orrick's Cyber, Privacy & Data Innovation and IP Licensing & Technology Transactions groups cover the top 10 things you need to know about the new Standard Contractual Clauses ("SCCs") published today by the European...more
On 14 April 2021, the European Data Protection Board ("EDPB") announced that it had adopted two Opinions on the draft UK adequacy decisions issued by the European Commission on 19 February 2021. The EDPB’s take on the draft...more
Brexit has raised many questions regarding the future of data protection and digital trade. Whilst the UK’s incorporation of the General Data Protection Regulation (GDPR) into domestic law in January 2020 eased some...more
The European Commission has announced a draft decision of “adequacy” concluding the UK ensures an essentially equivalent level of data protection to the GDPR. There remains an approval process to go through before the...more
On November 10, 2020, the recently established Taskforce of the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area (EEA),...more
On November 10, the European Data Protection Board (EDPB), the European Union’s top data privacy regulator, issued long-awaited guidance setting out a framework for navigating transfers of data out of the European Economic...more
On November 12, 2020, the European Commission (“EC”) published a draft implementing decision on standard contractual clauses (“SCCs”) for the transfer of personal data to third countries pursuant to the General Data...more
On November 10, 2020, the European Data Protection Board (EDPB) adopted its long-awaited recommendations on (1) measures that supplement transfer tools to ensure transfers of personal data outside the European Economic Area...more
The EDPB has issued recommendations concerning how organisations may lawfully transfer personal data from Europe to “third countries” (e.g., the U.S. and currently the UK from 1.1.2021) in light of the recent Schrems II...more
On November 10, 2020, the European Data Protection Board (“EDPB”) released proposed rules describing the conditions that entities subject to the European Union’s (“EU”) General Data Protection Regulation (“GDPR”) can transfer...more