Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In-house Roundhouse: Antitrust and the Tech Industry
Pennsylvania COVID-19 Update Featuring Former Pa. Gov. Tom Corbett
Scope of the Regulation - On August 23, 2024, the Brazilian Data Protection Authority (ANPD) published Resolution CD/ANPD No. 19/2024 (the “Regulation”), which addresses international transfers of personal data....more
What Happened? On July 10, 2023, the European Commission (‘EC’) adopted its long-awaited adequacy decision approving the EU-U.S. Data Privacy Framework (‘DPF’). By doing so, the EC is confirming that personal data...more
Since the European Court of Justice (ECJ) declared the “Safe Harbour” agreement—which had permitted U.S. companies to comply with EU restrictions on the transfer of personal data outside the EU—invalid in October 2015,...more
On February 24, 2023, the Cyberspace Administration of China (“CAC”) released its final version of the Standard Contract Measures for Exporting Personal Information (“Standard Contract Measures”), accompanied by a template...more
The European Union’s General Data Protection Regulation (“GDPR”) marked a turning point in privacy and data protection practices globally and transformed how American companies approach the protection of personal data....more
While countries all over the globe continue to make data privacy strides, comparing similarities and differences between the EU and U.K. is important in light of Brexit. It is also crucial to know the differences as they...more
The transfer mechanisms drive home China’s focus on data localization, as the measures all set forth cumbersome procedures and requirements, including security assessments and required contractual considerations. Despite...more
On March 25, 2022, the European Commission and the United States announced that they have reached an “agreement in principle” on a replacement for the EU-U.S. Privacy Shield, which was invalidated by the Court of Justice of...more
EU and UK data protection rules each restrict transfers of personal data to third countries not regarded as having an adequate level of protection, such as the United States, China, Russia and India....more
Since 2018, a consistent stream of newly adopted privacy laws and other regulatory developments (such as GDPR, CCPA, Schrems II, and the new EU Standard Contractual Clauses) has required companies to make regular updates to...more
The European Union’s General Data Protection Regulation (GDPR) prohibits transfers of personal information about Europeans to destinations outside of the EU unless one of several tests is satisfied. As pertains to transfers...more
The European Data Protection Board (EDPB) has provided further guidance on data transfers. Specifically, this most recent guidance clarifies what constitutes a “transfer.” While the concept of a transfer may seem...more
As the September 27th deadline to implement the new Standard Contractual Clauses (“SCCs”) approaches, many privacy practitioners are working overtime to help their clients update their standard data processing addenda to...more
The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more
On July 7th, the European Data Protection Board (“EDPB”) adopted its finalized guidelines on the concepts of controller and processor in the General Data Protection Regulation (“GDPR”). While the EDPB’s predecessor – the...more
There are many similarities between the Colorado Privacy Act (ColoPA), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data privacy Act (VCDPA), and Europe’s GDPR,...more
The European Commission (“EC”) has long sought to improve data privacy for Europeans, even when they interact with global or non-European companies. Laws like the General Data Protection Regulation (or “GDPR”) seek to...more
Companies have three months to prepare to use the latest standard contractual clauses for new data transfers, and 18 months to migrate existing arrangements. On 4 June 2021, the European Commission released its...more
Standard contractual clauses (SCCs) are a contract addendum with provisions governing the handling of personal information. The express language of the SCCs has been preapproved by the European Commission (Commission) to be...more
The European Commission (“EC”) has adopted a long-awaited new set of standard contractual clauses (“SCCs”) for the transfer of personal data to parties in third countries outside the European Union (“EU”) and European...more
On June 4, the European Commission (EC) adopted two sets of standard contractual clauses (SCCs) for use between controllers and processers in the European Economic Area (EEA) and for the transfer of data between EEA and...more
Since the implementation of the EU’s General Data Protection Regulation (GDPR), the European Commission’s (EC) approved Standard Contractual Clauses (SCC) have been vital to the transfer of personal data to third countries...more
The European Commission’s long-awaited updates to the Standard Contractual Clauses (“SCCs”) have arrived. Data protection lawyers globally have eagerly anticipated these changes, which are necessary to address a legal...more
Importers of EU data will need to analyze each data transfer for compliance with the new Standard Contractual Clauses; solely relying on data subjects’ consents may not be sufficient. Since the European Court of Justice...more
The Background: Transfers of personal data to countries outside the European Economic Area ("EEA") must meet certain requirements under the General Data Protection Regulation ("GDPR"). If the third country does not provide an...more