Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
The United Kingdom has announced its decision to establish the UK-U.S. Data Bridge. The UK-U.S. Data Bridge will allow UK businesses and organizations to transfer personal data to organizations in the United States that have...more
The new framework provides an additional route for personal data transfers from the EEA to the US. On 10 July 2023, the European Commission (EC) took the final step to enable businesses to start relying on the new EU-US...more
The European Commission published a very significant adequacy decision last week, which is expected to facilitate transfers of personal information from Europe to the United States. The decision came as part of the...more
With data privacy landscapes changing around the globe, how can organizations handle cross-border deals while still remaining compliant? This has been a burning question over recent years....more
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concluded that the United States does ensure an adequate level of protection for transferring...more
On 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (the DPF). With immediate effect, the adequacy decision provides a new lawful basis for transfers from...more
On July 10, 2023, the European Commission adopted its much-anticipated adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concludes that the US ensures an adequate level of protection—comparable to...more
Swiftly on the heels of the U.S. announcing it fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the Framework), the European Commission (the EC) formally recognized that commercial organizations...more
On July 10, 1962, NASA launched Telstar 1, the first active communications satellite linking Europe and the United States through live television transmission. Sixty-one years later, on July 10, 2023, the European Commission...more
After years of uncertainty in the privacy rules governing transfer of data from the EU to the U.S., the new transatlantic data privacy framework has finally been adopted. On July 10, the European Commission formally adopted...more
On December 15, 2020, the European Commission (EC) unveiled a set of proposals to regulate digital platforms. The draft laws include antitrust-related requirements, addressed by the Digital Markets Act (DMA) and more general...more
Keypoint: Representatives of the European Commission and EDPB advised that further guidance on cross-borders data transfers are forthcoming. Last week, Didier Reynders, European Commissioner for Justice, and Dr. Andrea...more
Last week started and ended with big announcements in the privacy world. At the end of the week, on August 14th, the regulations implementing the California Consumer Privacy Act of 2018 (CCPA) were finally declared final -...more
In the wake of the Schrems II decision invalidating the the EU-US Privacy Shield, the US Department of Commerce has decided it should make lemonade out of the Schrems lemons. The Department recently issued a set of FAQs,...more
Still grappling with the aftershocks of the Schrems II decision from the CJEU on July 16 (we previously discussed the Schrems II decision here), the European Data Protection Board (“EDPB”) has issued a Frequently Asked...more
The EDPB has provided input about consent in its recent FAQs responding to the Schrems II invalidation of Privacy Shield. As we wrote about previously in this series, Schrems II impacted how companies transfer data from the...more
In our Schrems II Practical Guidance special reports, members of McDermott’s internationally recognized Global Privacy & Cybersecurity group have outlined practical guidance and next steps to ensure your business is prepared...more
U.S. companies will face restrictions on transferring and storing information about European residents after the European Court of Justice ruled that such transfers exposed Europeans to American government surveillance...more
The European Data Protection Board (EDPB) has issued its much anticipated FAQs on the Court of Justice of the European Union's (CJEU) Schrems II decision. This document does not yet contain the "supplementary measures" that...more
Key Takeaways - The EU-U.S. Privacy Shield does not ensure an adequate level of protection of personal data and is therefore not a lawful basis for data transfers to the U.S....more
The Court of Justice of the European Union (CJEU) sent shockwaves through the privacy community last week. As Jonathan Armstrong of Cordery explains in this podcast, it put an effective end to the Privacy Shield because of...more
There is a lot currently happening in the European Union. From the latest European Court opinions with respect to merger clearance, dominance violations, data protection and state aid to Brexit, we’re checking in with our...more
The EU-U.S. Privacy Shield program is invalid, the Court of Justice of the European Union (CJEU) declared on July 16, 2020, in the matter of Data Protection Commissioner v. Facebook Ireland and Schrems (C-311/18) (Schrems...more
The Court of Justice of the European Union just ruled that an important data protection scheme established between the European Union and the United States is invalid, calling into question many aspects of important data...more
The Court of Justice for the European Union (CJEU) on July 16, 2020, invalidated the EU-U.S. Privacy Shield as an approved mechanism for transferring personal data from the European Union to the United States. This decision...more