Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In-house Roundhouse: Antitrust and the Tech Industry
Pennsylvania COVID-19 Update Featuring Former Pa. Gov. Tom Corbett
Following a German case brought against the EU Commission, the EU General Court found that the Commission had made an improper transfer of personal information to the US. The plaintiff, a German citizen, alleged (among other...more
Organisations that make international transfers of personal data have undergone significant challenges and changes over the last few years. With the invalidation of the Privacy Shield agreement in 2020 and the introduction of...more
Latham & Watkins and Privacy Laws & Business recently co-hosted a webinar looking back on the first eight months since the UK-US Data Bridge entered into force. Speakers from the UK Information Commissioner’s Office (ICO) and...more
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) has issued a €290 million fine to Uber for violating the EU’s General Data Protection Regulation (GDPR)....more
As more and more states enact laws that mirror aspects of GDPR, and as companies begin to get used to the EU’s new standard contractual clauses, now may be a good opportunity for a refresh on data sharing agreements. As most...more
Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more
The new framework provides an additional route for personal data transfers from the EEA to the US. On 10 July 2023, the European Commission (EC) took the final step to enable businesses to start relying on the new EU-US...more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States. U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
On July 10th, the European Commission issued its Implementing Decision regarding the adequacy of the EU-UD Data Privacy Framework (“DPF”). The Decision has been eagerly awaited by US and Europe based commerce, hoping it will...more
On July 10, 2023, the European Commission adopted its adequacy decision on data transfers for the EU-U.S. (European Union/United States) Data Privacy Framework (DPF). The adequacy decision concluded that the United States...more
The European Commission published a very significant adequacy decision last week, which is expected to facilitate transfers of personal information from Europe to the United States. The decision came as part of the...more
On July 10, the European Commission issued an adequacy decision on the EU-US Data Privacy Framework (DPF), ensuring adequate protection for personal data transferred from the European Union to the United States. This decision...more
As of July 17, 2023, U.S.-based multinational employers that can access the personal data of their workforce members in the European Union (EU) via a human resources information system (HRIS), or otherwise transfer the...more
With data privacy landscapes changing around the globe, how can organizations handle cross-border deals while still remaining compliant? This has been a burning question over recent years....more
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concluded that the United States does ensure an adequate level of protection for transferring...more
On 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (the DPF). With immediate effect, the adequacy decision provides a new lawful basis for transfers from...more
On July 10, 1962, NASA launched Telstar 1, the first active communications satellite linking Europe and the United States through live television transmission. Sixty-one years later, on July 10, 2023, the European Commission...more
The European Union’s (“EU”) Data Protection Commission (the “Commission”) recently fined Meta Ireland $1.3 billion (or €1.2 billion) for improper data transfers from the European Economic Area (“EEA”) to the United States in...more
It has been a long time coming, but the other shoe has finally dropped. Ireland’s Data Protection Commission (DPC) fined Meta Platforms Ireland (parent of Facebook Ireland) €1.2 billion, the highest fine to date under the...more
Since the European Court of Justice (ECJ) declared the “Safe Harbour” agreement—which had permitted U.S. companies to comply with EU restrictions on the transfer of personal data outside the EU—invalid in October 2015,...more
Data transfers - the new EU-U.S. data privacy framework A new EU-U.S. transatlantic data flow agreement is expected to be finalized by the spring of 2023. The EU-U.S. Data Privacy Framework will enable the flow of...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
As U.S.-based companies await a decision by the European Union (EU) regarding data transfers, the European process for approving the EU-U.S. data privacy framework has progressed a step. The European Commission released a...more
Colorado Department of Law Issues Draft CPA Revisions - On December 22, the Colorado Department of Law issued updates to the draft Colorado Privacy Act (CPA) rules. These revisions build on written comments and feedback from...more