Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In-house Roundhouse: Antitrust and the Tech Industry
Pennsylvania COVID-19 Update Featuring Former Pa. Gov. Tom Corbett
If Washington State’s My Health My Data Act (“MHMDA”) “turned the beat around” on drug and device makers, then the Schrems I and II decisions by the European Court of Justice had companies on both sides of the Atlantic...more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
The U.S. Secretary of Commerce, Gina Raimondo, issued a statement on July 3, 2023, announcing completion of commitments by the U.S. for implementing the Trans-Atlantic Data Privacy Framework (the "Framework"). The Framework...more
Since the European Court of Justice (ECJ) declared the “Safe Harbour” agreement—which had permitted U.S. companies to comply with EU restrictions on the transfer of personal data outside the EU—invalid in October 2015,...more
On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (“EO”). The EO lays ground for the long-awaited successor to the EU-U.S. Privacy...more
On 25 March 2022, President Biden and the President of the European Commission (“EC”) von der Leyen announced that the U.S. and EU reached an agreement in principle on a new Trans-Atlantic Data Privacy framework for...more
Personal data transfers from the European Economic Area (“EEA”) to most other countries, including the United States, require companies to take prompt compliance action. The General Data Protection Regulation (“GDPR”)...more
In June, the European Commission published the final version of a new set of standard contractual clauses (SCCs) that can be used to comply with the EU’s General Data Protection Regulation (the “GDPR”). These clauses are of...more
NGE Corporate & Securities partner John Koenigsknecht recently interviewed Data Privacy & Information Governance partner David Wheeler about the new standard contractual clauses and the complex task of assessing and...more
The guidance outlines how organisations should approach international transfers and confirms examples of supplemental measures that can be adopted to ensure ongoing compliance and seeking to de-mystify earlier uncertainty. ...more
Am vergangenen Freitag, den 04. April 2021, hat die EU-Kommission dem internationalen Datenverkehr ein wichtiges Update verpasst: die neuen EU-Standardvertragsklauseln (Standard Contractual Clauses; SCC) wurden...more
On June 4th, 2021, the European Commission adopted and published a new set of so-called standard contractual clauses (“SCCs”) providing a legal basis for international transfers of personal data from the EU/EEA to third...more
Earlier today, the European Commission approved and adopted a new version of the Standard Contractual Clauses (SCCs) that revises how data may be transferred by including additional privacy and legal safeguards. The remodeled...more
In a notable application of the European Court of Justice’s “Schrems II” decision, the data protection authority for the German state of Bavaria recently held that use by a German entity of US-based MailChimp (which use...more
In an increasingly datafied and globalized world, businesses have become reliant upon the seamless flow of cross-border data transfers. Transatlantic data flows play an important role in the U.S. economy. The U.S. and the...more
In 2016, European companies doing business in the US were able to breathe a sigh of relief. The European Commission deemed the Privacy Shield to be an adequate privacy protection. For the next half a decade, this shield, as...more
Is it hyperbolic to say that never before have we seen a quieter, yet more anticipated and welcome end to a year than in 2020? For some, 2020 is a year the sooner forgotten, the better. In data privacy and security law, a lot...more
Concerns are mounting for companies around the world as they consider their ability to transfer data from the EU following the recent decision by the Court of Justice of the European Union in Data Protection Commissioner v....more
As many organizations continue to struggle with the fallout from the July 2020 Schrems II decision from the European Court of Justice (“CJEU”), in November, the European Data Protection Board (“EDPB”) published two pieces of...more
The EDPB has issued recommendations concerning how organisations may lawfully transfer personal data from Europe to “third countries” (e.g., the U.S. and currently the UK from 1.1.2021) in light of the recent Schrems II...more
This past July, a decision by the European Court of Justice (ECJ) struck down the European Union-United States Privacy Shield framework (EU-U.S. Privacy Shield), one mechanism through which companies could transfer personal...more
Last week started and ended with big announcements in the privacy world. At the end of the week, on August 14th, the regulations implementing the California Consumer Privacy Act of 2018 (CCPA) were finally declared final -...more
If your company, like many other US insurance companies, has an EU or UK affiliate or parent, and you transfer personal data to the US, including employee data or even data of US persons, or if your trusted service providers...more
There is a lot going on in the world right now—and the world of data privacy is no exception. Here is a snapshot of what’s on our radar: 1. Senators Jeff Merkley and Bernie Sanders introduced the National Biometric...more
The Court of Justice of the European Union (ECJ) recently declared that the EU-U.S. Privacy Shield, used by thousands of businesses to transfer personal data between the EU and U.S., was invalid. [Case C-311/18, Data...more