Effective July 10, 2023, the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) replaced the invalidated EU-U.S. Privacy Shield framework (“Privacy Shield”). Participating U.S. organizations can now receive personal data...more
The FTC and DOJ reached a settlement with Twitter, Inc. to resolve allegations that the company used user personal data to help sell targeted advertisements in violation of the FTC Act and a 2011 FTC Order, which prohibited...more
Last week, the United States Department of Justice, acting on behalf of the Federal Trade Commission, took action against Twitter, Inc. for allegedly using private account security data to sell targeted advertisements without...more
The Federal Data Protection and Information Commissioner (FDPIC) has determined that the Swiss-United States Privacy Shield does not provide an adequate level of data protection for data transfers from Switzerland to the U.S....more
In a much anticipated ruling, this month the Swiss Data Protection Authority concluded that the EU-US Swiss Privacy Shield was no longer an adequate method for transferring personal information from Switzerland to the US. In...more
Following the CJEU’s invalidation of the EU Commission’s adequacy decision on the EU-U.S. Privacy Shield in Schrems 2.0, on September 8, 2020, the Federal Data Protection and Information Commissioner (FDPIC) found that the...more
On September 8, 2020, the Swiss Federal Data Protection and Information Commissioner (FDPIC) announced that it no longer considers the Swiss-U.S. Privacy Shield (Swiss Shield) to provide adequate protections for transfers of...more
Nearly three years ago, the EU-U.S. and Swiss-U.S. Privacy Shield frameworks replaced the U.S.-EU and U.S.-Swiss Safe Harbor programs as a self-certification mechanism to transfer personal data from the European Union and...more
Privacy Shield participants must update their privacy notices by March 29, 2019 (if the UK crashes out of the EU then with no deal) to continue to rely on the Privacy Shield for UK to US transfers post-Brexit. Privacy Shield...more
The EU General Data Protection Regulation (GDPR) took effect on May 25, 2018. Potential fines for violating the GDPR include up to four percent of an organization's annual profits or €20 million (approximately $23 million),...more
The U.S. Federal Trade Commission (FTC) recently settled enforcement actions against three companies accused of misleading consumers about their participation in the European Union-United States Privacy Shield framework,...more