Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In-house Roundhouse: Antitrust and the Tech Industry
Pennsylvania COVID-19 Update Featuring Former Pa. Gov. Tom Corbett
On July 10th, the European Commission issued its Implementing Decision regarding the adequacy of the EU-UD Data Privacy Framework (“DPF”). The Decision has been eagerly awaited by US and Europe based commerce, hoping it will...more
On July 10, 2023, the European Commission adopted its adequacy decision on data transfers for the EU-U.S. (European Union/United States) Data Privacy Framework (DPF). The adequacy decision concluded that the United States...more
On July 10, 2023, the European Commission (“EC”) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). Nearly three years after the Court of Justice of the European Union (“CJEU”)...more
It has been a long time coming, but the other shoe has finally dropped. Ireland’s Data Protection Commission (DPC) fined Meta Platforms Ireland (parent of Facebook Ireland) €1.2 billion, the highest fine to date under the...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
On December 13, 2022, the European Commission published its draft adequacy decision recognizing the essential equivalence of U.S. data protection standards, laying the foundations for finalization of the European Union...more
The 13 December 2022 marked a further stage in restoring greater stability for transatlantic personal data transfers, as the European Commission (the Commission) launched the process towards adoption of an adequacy decision...more
In a significant move toward replacing the invalidated Privacy Shield, the European Commission (EC) released a draft Adequacy Decision on December 13, 2022, concluding that the U.S. legal framework provides an adequate level...more
In this month’s Privacy & Cybersecurity Update, we examine President Biden’s executive order to implement an EU-U.S. data privacy framework, the European Commission’s draft Cyber Resilience Act, the U.S. Treasury’s request...more
In early October, the United States (“U.S.”) and European Union (“EU”) came one step closer to the much-awaited new EU-US Data Privacy Framework (the “Framework”), designed to facilitate transatlantic data flows between the...more
US President Joseph Biden issued an Executive Order On Enhancing Safeguards for United States Signals Intelligence Activities on October 7, which establishes safeguards relating to the handling of personal information in the...more
In March 2022, the US and EU announced they had agreed in principle to a new Trans-Atlantic Data Privacy Framework (Framework) intended to simplify transfers of personal information. After months of waiting for the final...more
The European Union’s General Data Protection Regulation (“GDPR”) marked a turning point in privacy and data protection practices globally and transformed how American companies approach the protection of personal data....more
The EU and US recently announced that they have reached “an agreement in principle” on a new framework to enable EU-US data transfers following the highly impactful EU ruling that dismantled the prior Privacy Shield...more
In this month’s Privacy & Cybersecurity Update, we analyze the U.S. and EU’s joint commitment to create a new data transfer framework to replace the invalidated Privacy Shield, as well as Utah’s new state privacy law and...more
On March 25, a huge sigh of relief was heard from businesses and organizations located throughout the United States and Europe after the U.S. and European Commission announced their agreement in principle on a new...more
In this month’s Privacy & Cybersecurity Update, we review the TSA’s new cybersecurity requirements for critical U.S. infrastructure, the White House OMB’s new guidance on cyber incident reporting procedures and the U.S.-U.K....more
On November 19, 2021, the European Data Protection Board (“EDPB”) issued draft guidance on the interplay between Article 3 of the General Data Protection Regulation (“GDPR”) and the provisions on international transfers...more
On September 27, 2021, all new contracts that involve cross-border personal data transfers must incorporate the updated standard contractual clauses (“New SCCs”) for controllers and processors. On June 4, 2021, the European...more
On June 4, the European Commission (Commission) adopted new standard contractual clauses (SCCs) for the transfer of personal data to third countries. SCCs have long been an important tool for EU data transfers, as one of only...more
In recent weeks, there has been a series of important developments affecting cross-border data transfers. First, on 21 June 2021, the European Data Protection Board ("EDPB") published its final, much-anticipated...more
At the beginning of the year, the German data protection authorities (DPAs) announced that they would take joint action to enforce the decision of the European Court of Justice (ECJ) in the "Schrems II" case. On June 1,...more
The European Commission has published updated versions of the standard contractual clauses for international transfers of personal data from the European Union (“EU”). These new standard contractual clauses take into account...more
In early June 2021, the European Commission adopted a new set of Standard Contractual Clauses for organizations to use to ensure compliance with the EU General Data Protection Regulation (GDPR) requirements for transfers of...more
Organizations are closely tracking which of their vendors previously relied on Privacy Shield. Separately, they are preparing Transfer Impact Assessments (“TIAs”) to evaluate and address risks associated with personal data...more