The Standard Formula Podcast | Solvency II Back to Basics: Third Country Branches and Cross-Border Provision of Services
Welcome to our monthly update on current legal issues for trustees of DC pension schemes, designed to help you stay up to date with key developments between trustee meetings, and to support the legal update item on your next...more
Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover the following topics: International...more
The new framework provides an additional route for personal data transfers from the EEA to the US. On 10 July 2023, the European Commission (EC) took the final step to enable businesses to start relying on the new EU-US...more
U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States. U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
On July 10, 1962, NASA launched Telstar 1, the first active communications satellite linking Europe and the United States through live television transmission. Sixty-one years later, on July 10, 2023, the European Commission...more
The European Union’s (“EU”) Data Protection Commission (the “Commission”) recently fined Meta Ireland $1.3 billion (or €1.2 billion) for improper data transfers from the European Economic Area (“EEA”) to the United States in...more
On June 4, 2021, the European Commission (the “Commission”) published its implementing Decision adopting standard contractual clauses for transfer of personal data to third countries (the “SCCs”) designed to comply with the...more
Accurate and timely data is essential for successful Diversity, Equity and Inclusion Initiatives and other critically important programs, but when data collection activities collide with the GDPR risks may escalate. Here’s...more
While the announcement is short on details, once in place, U.S.-based. entities will be able to use the new agreement to comply with the GDPR’s cross-border data transfer requirements. On March 25, the U.S. and E.U....more
In this month’s Privacy & Cybersecurity Update, we analyze the U.S. and EU’s joint commitment to create a new data transfer framework to replace the invalidated Privacy Shield, as well as Utah’s new state privacy law and...more
EU and UK data protection rules each restrict transfers of personal data to third countries not regarded as having an adequate level of protection, such as the United States, China, Russia and India....more
Businesses that transfer personal data to and from the United Kingdom will soon have clarity regarding transfers from the UK to recipients outside the EU/EEA. On February 2, 2022, the United Kingdom Secretary of State...more
The European Commission recently adopted an adequacy decision regarding the Republic of Korea’s data protection laws. As a result of this decision, personal data can freely flow between the EEA and South Korea without the...more
It is well known that the EU GDPR (specifically, Chapter V) restricts transfers of personal data from the EU to a “third country” (i.e. a jurisdiction outside the EEA) or to an international organisation. But what is meant by...more
On November 19 the European Data Protection Board (EDPB) published draft guidelines on the interplay between Article 3 of the GDPR (which establishes the GDPR’s territorial scope), and the GDPR’s international transfer...more
Contracts entered into prior to Sept. 27 will need to be amended to adopt the new standard contractual clauses by Dec. 27, 2022. As of Sept. 27, entities entering new contracts that are subject to the General Data...more
As of September 27, 2021, the European Commission requires controllers and processors to rely on the recently updated Standard Contractual Clauses (SCCs) for any new contracts governing personal data transfers from the EEA....more
On September 27, 2021, all new contracts that involve cross-border personal data transfers must incorporate the updated standard contractual clauses (“New SCCs”) for controllers and processors. On June 4, 2021, the European...more
Personal data transfers from the European Economic Area (“EEA”) to most other countries, including the United States, require companies to take prompt compliance action. The General Data Protection Regulation (“GDPR”)...more
In this issue of UK Employment Flash, we examine the latest employment law developments from the UK, including the law governing the return to the workplace and flexible working requests and a proposal to impose a duty on...more
Out with the old EU Standard Contractual Clauses (as of September 27th) - Organizations that use the European Union’s Standard Contractual Clauses (SCCs) to govern their transfers of personal data from the European...more
As the September 27th deadline to implement the new Standard Contractual Clauses (“SCCs”) approaches, many privacy practitioners are working overtime to help their clients update their standard data processing addenda to...more
On June 7, 2021, the European Commission (Commission) published its long-awaited Implementing Decision adopting standard contractual clauses for the transfer of personal data to third countries referred to as the new Standard...more
In June, the European Commission published the final version of a new set of standard contractual clauses (SCCs) that can be used to comply with the EU’s General Data Protection Regulation (the “GDPR”). These clauses are of...more
On June 4, 2021, the European Commission adopted its long-anticipated updated Standard Contractual Clauses (New SCCs) for use by organizations transferring personal data outside of the European Economic Area (EEA) to third...more