Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
In-house Roundhouse: Antitrust and the Tech Industry
Pennsylvania COVID-19 Update Featuring Former Pa. Gov. Tom Corbett
The European Union’s (“EU”) Data Protection Commission (the “Commission”) recently fined Meta Ireland $1.3 billion (or €1.2 billion) for improper data transfers from the European Economic Area (“EEA”) to the United States in...more
It shouldn’t come as a surprise that the European Data Protection Board (EDPB), through Ireland’s Data Protection Commission (DPC), issued another fine against a large US technology company. What may come as a surprise is the...more
Closing in on the fifth anniversary of the entry into force of the EU General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced on 22 May 2023 that it had fined the Irish subsidiary of...more
On May 22 the Irish Data Protection Commission (“DPC”), Ireland’s data privacy watchdog, issued its final and binding decision against Meta with respect to Facebook’s exporting of personal data from Europe to the US from July...more
On 22 May 2023, the Irish Data Protection Commission (DPC) issued Meta Platforms Ireland Limited (Meta Ireland) with a EUR 1.2 billion (approximately 1.3 billion U.S. dollar) fine for breaches of the GDPR with respect to...more
The final decision of the Irish Data Protection Commission (IDPC) in relation to the transfers of EU/EEA Facebook user data by Meta Platforms Ireland Limited (Meta Ireland) to its processor, Meta Platforms, Inc., in the US...more
Today saw a key ruling by the Irish High Court which could have wide ranging implications in relation to a range of data use, targeted advertising and data transfers between Europe and the United States. The Irish data...more
News sources reported this month that the Irish data protection authority (DPA) had sent Facebook a preliminary order that would prohibit the transfer of information about European Union (EU) residents to US Facebook users....more
Will the EU finally deny the right to transfer any personal data from its shores to the United States? Its privacy decisions have been inching closer to this determination for years, and an Irish case against Facebook may tip...more
The Court of Justice of the European Union (CJEU) recently issued a decision with global implications for data transfers from the EU in a case referred to the CJEU from the Irish Data Protection Commissioner, colloquially...more
EDPB and data protection authorities’ views and statements on the “Schrems II”- decision by the CJEU - On 16 July, 2020, the European Court of Justice (“CJEU“) passed a decision invalidating the EU-US Privacy Shield and...more
As discussed in an earlier alert, the Court of Justice of the European Union in a landmark decision in the Schrems II case invalidated the EU-US Privacy Shield framework, which was widely used by thousands of US organizations...more
The table below sets out the guidance provided by data protection authorities (DPA) in response to the European Court of Justice’s landmark judgment in Case C-311/18 Data Protection Commissioner v. Facebook Ireland and...more
The Court of Justice of the European Union (“CJEU”), on July 16, 2020, invalidated the European Union-U.S. Privacy Shield Framework (“Privacy Shield”), which more than 5,300 U.S. organizations had relied on to lawfully...more
On July 16, 2020, the Court of Justice of the European Union (CJEU), the supreme court of the European Union on matters involving European Union law, issued its long anticipated decision in the “Schrems II” case ( case...more
On July 16, 2020, Europe’s highest court, the Court of Justice of the European Union, struck down the Privacy Shield, an agreement that permitted companies operating in the European Union (EU) to transfer data to the United...more
On July 16, 2020, the European Court of Justice (Court) ruled in the “Schrems II” case that the one of the most commonly used cross border data transfer mechanisms between the European Union (EU) and the United States (US),...more
In a decision issued on July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the EU-U.S. Privacy Shield Framework, one of the primary tools used by companies in the European Union (EU) to transfer...more
El TJUE se pronuncia sobre la validez del Privacy Shield y las Cláusulas Contractuales Tipo (Responsable-Encargado). En su sentencia, el TJUE ha: (i) invalidado el Privacy Shield como mecanismo para transferir de forma segura...more
The Court of Justice of the European Union (ECJ) has finally issued its decision on the validity of standard contractual clauses (SCCs) in the Irish Data Protection Commissioner’s referral to the ECJ for an opinion on the...more
The Court of Justice of the European Union today invalidated the EU-US Privacy Shield and called into question the extent to which EU data exporters could rely on the European Commission’s Standard Contractual Clauses for...more
Yesterday, the Court of Justice of the EU (“CJEU”) issued a judgment with two important outcomes: (1) invalidation of the U.S.-EU Privacy Shield as a basis for transfers of personal data from the EU to the U.S.; and (2)...more
On April 11, Justice Caroline Costello of the Irish High Court referred the Schrems 2.0 case to the Court of Justice of the European Union (ECJ) with 11 questions for the ECJ to answer. Per Justice Costello, the sole issue in...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Commission's annual review of the Privacy Shield, a potential threat to the European Union's "standard contractual clauses," a push by...more
The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more