NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In-house Roundhouse: Antitrust and the Tech Industry
What's Next after the Schrems II Decision of ECJ
Life With GDPR: Episode 47- Schrems III-Impact on the Transatlantic Digital Trade
Quick Hits Schrems II Recap Most people are now familiar with the Schrems II requirements to “know your transfers” and to protect personal data when such information is subject to processing (including remote access to...more
The European Union (EU)’s government organizations are just like any another entity trying to function in a world where global companies and even government entities are reliant on digital platforms for messaging and...more
If you feel like every day you wake up to a new data privacy law or piece of guidance, you’re not dreaming. Regulation and rulemaking are happening faster than ever before. The complexities relating to ethical data usage are...more
On 10 July 2023, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”). The adequacy decision is designed to relieve U.S.-based businesses and other institutions and...more
The new framework provides an additional route for personal data transfers from the EEA to the US. On 10 July 2023, the European Commission (EC) took the final step to enable businesses to start relying on the new EU-US...more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
On July 10th, the European Commission issued its Implementing Decision regarding the adequacy of the EU-UD Data Privacy Framework (“DPF”). The Decision has been eagerly awaited by US and Europe based commerce, hoping it will...more
On July 10, 2023, the European Commission adopted its adequacy decision on data transfers for the EU-U.S. (European Union/United States) Data Privacy Framework (DPF). The adequacy decision concluded that the United States...more
On July 10, the European Commission issued an adequacy decision on the EU-US Data Privacy Framework (DPF), ensuring adequate protection for personal data transferred from the European Union to the United States. This decision...more
On July 10, 2023, the EU Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework, concluding that the United States ensures an adequate level of protection for personal data transferred from the...more
As of July 17, 2023, U.S.-based multinational employers that can access the personal data of their workforce members in the European Union (EU) via a human resources information system (HRIS), or otherwise transfer the...more
With data privacy landscapes changing around the globe, how can organizations handle cross-border deals while still remaining compliant? This has been a burning question over recent years....more
The U.S. Department of Commerce’s Data Privacy Framework (DPF) program website went live on July 17, and contains guidance documents for those companies wanting to know the costs and benefits of enrollment in the DPF...more
On July 10, 1962, NASA launched Telstar 1, the first active communications satellite linking Europe and the United States through live television transmission. Sixty-one years later, on July 10, 2023, the European Commission...more
At the end of June, the European Data Protection Board (EDPB) published its Recommendations (Recs) on Binding Corporate Rules (BCRs). Among other things, the Recs require existing and in process BCRs to: - Incorporate...more
Ireland’s Data Protection Commission has fined Meta Ireland 1.2 billion EUR. While you have probably heard about that, there is much, much more to this case and the larger Schrems II cross border saga. Here is what you...more
Closing in on the fifth anniversary of the entry into force of the EU General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced on 22 May 2023 that it had fined the Irish subsidiary of...more
On 22 May 2023, the Irish Data Protection Commission (DPC) issued Meta Platforms Ireland Limited (Meta Ireland) with a EUR 1.2 billion (approximately 1.3 billion U.S. dollar) fine for breaches of the GDPR with respect to...more
The GDPR journey has not been wonderful. NOYB has 800 cases out and the enforcement process is difficult because procedural law is different in different countries....more
Data transfers - the new EU-U.S. data privacy framework A new EU-U.S. transatlantic data flow agreement is expected to be finalized by the spring of 2023. The EU-U.S. Data Privacy Framework will enable the flow of...more
On 18 January 2023, the European Data Protection Board (the “EDPB”) announced the adoption of a report on the work undertaken by the Cookie Banner Task Force (the “Task Force”). The Task Force was formed in September 2021 for...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
Two and a half years after the Schrems II decision invalidated the EU-US Privacy Shield, the EU and US are inching closer to a replacement data transfer mechanism for EU to US personal data transfers. On 13 December 2022, the...more
Since Schrems II invalidated the US/EU Privacy Shield, the flow of personal data from the European Union to the United States has been subject to intense regulatory scrutiny. Companies transferring personal data to the United...more
In this month’s Privacy & Cybersecurity Update, we examine President Biden’s executive order to implement an EU-U.S. data privacy framework, the European Commission’s draft Cyber Resilience Act, the U.S. Treasury’s request...more