The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In-house Roundhouse: Antitrust and the Tech Industry
What's Next after the Schrems II Decision of ECJ
Life With GDPR: Episode 47- Schrems III-Impact on the Transatlantic Digital Trade
If you’re in the privacy industry, you know Max Schrems: Renowned privacy rights advocate and the David who took on Facebook’s Goliath to shine a light on the misuse of consumer data. But that’s just one facet of what he...more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
On July 10th, the European Commission issued its Implementing Decision regarding the adequacy of the EU-UD Data Privacy Framework (“DPF”). The Decision has been eagerly awaited by US and Europe based commerce, hoping it will...more
Summary - On July 10, 2023, the European Commission issued an adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF” or “DPF”). The decision concludes that the U.S. ensures an adequate level of protection...more
On July 10, 2023, the EU Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework, concluding that the United States ensures an adequate level of protection for personal data transferred from the...more
As of July 17, 2023, U.S.-based multinational employers that can access the personal data of their workforce members in the European Union (EU) via a human resources information system (HRIS), or otherwise transfer the...more
Swiftly on the heels of the U.S. announcing it fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the Framework), the European Commission (the EC) formally recognized that commercial organizations...more
Please take note! 1.SchremsII and cross border transfers: Risk based, wherefore art thou? With the Google Analytics, Google Fonts, Amazon AWS, Google Workspace other cases, the SchremsII and DPA guidance is piling up....more
...This session, led by industry-acknowledged experts in areas ranging from data protection and privacy to data transfer and legal discovery, provided a professional forum for the explanation of the best approaches,...more
Introduction - The data protection landscape in the UK, and globally, continues to evolve. The pace and number of initiatives has continued into 2022. This requires a step back – to look for key trends and the most relevant...more
California Privacy Protection Agency Releases Draft CPRA Regulations - The California Privacy Protection Agency (CPPA) just released proposed California Privacy Rights Act (CPRA) regulations. The regulations expand...more
It has been almost two years since the Privacy Shield was struck down as a valid data transfer mechanism in Schrems II. Many have been wondering “what’s next”? Will there be a replacement framework? When will that be...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
Organizations are becoming increasingly reliant on external parties to manage parts of their business, including their critical and sensitive data. While the specialized expertise and economies of scale that third parties and...more
French CNIL issues guidance for organisations on transfer impact assessments, German DSK releases statement on supplementary measures and SCCs, and Hessian DPA comments on data transfer obligations (23 June 2021)....more
Starting this fall, companies transferring personal data from the European Economic Area (EEA) will likely begin to see a flurry of contract renegotiations. On June 4, 2021, the European Commission adopted long awaited new...more
On June 4, 2021, the European Union’s (EU) executive branch, the European Commission (EC), released their new Standard Contractual Clauses (SCCs) for compliant cross-border data transfers under the EU’s General Data...more
Our Privacy, Cyber & Data Strategy Team offers 10 observations companies can use to better understand the EU’s overhaul of the standard contractual clauses that allow compliance with the General Data Protection Regulation’s...more
Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity regulatory and legal developments from the...more
Das Portal fragdenstaat.de (Link) hat einen Fragebogen der Hamburgischen Datenschutzbehörde veröffentlicht, mit Hilfe dessen die Behörde die Umsetzung des Schrems-II-Urteils exemplarisch am Einsatz von Office 365 überprüft....more
Is it hyperbolic to say that never before have we seen a quieter, yet more anticipated and welcome end to a year than in 2020? For some, 2020 is a year the sooner forgotten, the better. In data privacy and security law, a lot...more
While still in its relative infancy, privacy law has quickly become a turbulent teenager, with constant change around the world. At a minimum, 2021 will require meaningful efforts to implement the changes of 2020, with a...more
Meet the Euro-crats who think that the European Union needs to behave more like Russia and China. More like Nigeria, Kazakhstan, and Indonesia. These leaders are pushing not just to punish U.S. firms for successfully...more
“I worry that we are caught in a DPA (Data Protection Authority) beauty contest of who issues the bigger fine,” said Ireland Data Protection Commissioner Helen Dixon in her keynote for Daniel Solove’s Privacy+Security Academy...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU advocate general's decision in Schrems II, a federal court's ruling that an insurer owed coverage for a social engineering loss, the Chinese...more