No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Compliance with the New EU-US Data Privacy Framework
Life With GDPR - Data Transfer Update
Anonymization and AI: Critical Technologies for Moving eDiscovery Data Across Borders
Digital Trade: Key Trends and Developments to Watch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
In-house Roundhouse: Antitrust and the Tech Industry
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
Privacy Talk | The New Swiss Data Protection Act
Compliance Perspectives: The Privacy and Data Security Track at the 2020 Compliance & Ethics Institute
Update on Global Data Privacy Regulations by John Jackson
Nota Bene Episode 93: Navigating the New Global Cybersecurity Compliance Landscape with Scott Giordano
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
On 19 March 2025, the European Data Protection Board published an updated procedure for co-operation between EU data protection supervisory authorities approving GDPR Binding Corporate Rules for intra-group transfers of EU...more
On July 10, the European Commission (EC) published its data adequacy decision for the new EU-U.S. Data Privacy Framework (EU-U.S. DPF). This means that companies can transfer personal data from EU countries and from Iceland,...more
On July 10, 2023, the European Commission (“EC”) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). Nearly three years after the Court of Justice of the European Union (“CJEU”)...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
Binding Corporate Rules (BCR) are often considered the “gold standard” for international transfers of personal data subject to the GDPR. In contrast to the Standard Contractual Clauses of the European Commission (SCC), BCR...more
As China enhances its cybersecurity and data protection regime, the processing of personal information, and in particular the information of customers and employees, has come into focus under the Personal Information...more
The Information Commissioner’s Office (ICO) recently released its response to the UK government consultation, ‘Data: A new direction’. The consultation was conducted by the Department for Digital, Culture, Media and Sport...more
NGE Corporate & Securities partner John Koenigsknecht recently interviewed Data Privacy & Information Governance partner David Wheeler about the new standard contractual clauses and the complex task of assessing and...more
Organizations are closely tracking which of their vendors previously relied on Privacy Shield. Separately, they are preparing Transfer Impact Assessments (“TIAs”) to evaluate and address risks associated with personal data...more
Pathways for U.S. companies to transfer personal data out of the European Union have been repeatedly blocked by EU authorities concerned by what they perceive as gaps in data protection under U.S. laws. Schrems I invalidated...more
Following its “Brexit” from the EU on January 31, 2020, the UK had until December 31, 2020 to bring its data privacy laws into compliance with the General Data Protection Regulation (“GDPR”). As of January 1, 2021, the UK is...more
In July 2020 the Court of Justice the European Union’s (CJEU) Schrems II decision declared the EU-US Privacy Shield Protections inadequate for the protection of European data. On November 10, 2020, the European Data...more
US companies and other organizations whose activities involve the use of personal information from Europe were unsettled by the EU Court of Justice’s July 2020 Schrems II decision that cast doubt on the lawfulness of...more
Parties in the US are allowed broad and liberal discovery of electronically stored information (ESI) relevant and proportional to the claims and defenses in a legal action. When a US-based litigant seeks ESI stored in other...more
This past July, a decision by the European Court of Justice (ECJ) struck down the European Union-United States Privacy Shield framework (EU-U.S. Privacy Shield), one mechanism through which companies could transfer personal...more
The Federal Data Protection and Information Commissioner (FDPIC) has determined that the Swiss-United States Privacy Shield does not provide an adequate level of data protection for data transfers from Switzerland to the U.S....more
Following the CJEU’s invalidation of the EU Commission’s adequacy decision on the EU-U.S. Privacy Shield in Schrems 2.0, on September 8, 2020, the Federal Data Protection and Information Commissioner (FDPIC) found that the...more
EDPB and data protection authorities’ views and statements on the “Schrems II”- decision by the CJEU - On 16 July, 2020, the European Court of Justice (“CJEU“) passed a decision invalidating the EU-US Privacy Shield and...more
If you transfer data from the EU to the US, or if your trusted service providers do, the Schrems II European Court decision1 has seismic significance - even if you do not rely on Privacy Shield. On July 16, 2020, the Court...more
As discussed in an earlier alert, the Court of Justice of the European Union in a landmark decision in the Schrems II case invalidated the EU-US Privacy Shield framework, which was widely used by thousands of US organizations...more
McDermott Will & Emery, in partnership with Ankura is hosting an in depth webinar to discuss the complexity of global data transfer post-GDPR. Having analysed the marketplace trends and delivered BCR projects, our panel...more
Global organizations need a clear, legal means to share data across borders, whether to conduct day-to-day business, comply with government regulations, perform under a contract, respond to lawsuits, or simply communicate and...more
We reported in July 2019 that the Court of Justice of the European Union (CJEU) heard a case brought by privacy-rights activist Max Schrems, challenging the validity of Standard Contractual Clauses (SCCs), which are widely...more
On July 9, 2019, the European Court of Justice (ECJ)—the highest court of the European Union—will hear oral arguments in the Schrems 2.0 case relating to the validity of two key data transfer mechanisms: the Standard...more
Since the referendum to leave the EU rocked the UK in 2016, commentators, privacy personnel, and corporate officers alike have been speculating as to how Brexit will affect Britain’s subjugation to the General Data Protection...more