Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
If you have been doing business with entities in the European Union, chances are that you have struggled to figure out how to transfer data from the EU to the US without running afoul of the General Data Protection Regulation...more
U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States. U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
U.S. companies will face restrictions on transferring and storing information about European residents after the European Court of Justice ruled that such transfers exposed Europeans to American government surveillance...more
On July 7, the Court of Justice of the European Union (ECJ) invalidated the EU-US Privacy Shield framework in its ruling in Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems (Case C-311/18). More than...more
The European Data Protection Board (EDPB) has issued its much anticipated FAQs on the Court of Justice of the European Union's (CJEU) Schrems II decision. This document does not yet contain the "supplementary measures" that...more
The EU-U.S. Privacy Shield program is invalid, the Court of Justice of the European Union (CJEU) declared on July 16, 2020, in the matter of Data Protection Commissioner v. Facebook Ireland and Schrems (C-311/18) (Schrems...more
The Court of Justice of the European Union just ruled that an important data protection scheme established between the European Union and the United States is invalid, calling into question many aspects of important data...more
The Court of Justice for the European Union (CJEU) on July 16, 2020, invalidated the EU-U.S. Privacy Shield as an approved mechanism for transferring personal data from the European Union to the United States. This decision...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield, ruling, among other things, that U.S. domestic law...more
Three years ago, the European Court of Justice killed the US-EU Safe Harbor Program. In the wake of the decision, American and EU negotiators developed the “Privacy Shield” program to facilitate cross-Atlantic data transfers....more
On October 18, 2017, the EU Commission released its report of the first annual review of the EU-U.S. Privacy Shield framework. The Privacy Shield is the successor of the Safe Harbor Agreement which was invalidated by the...more
On September 8, 2017, the US Federal Trade Commission (FTC) announced that three US companies have reached a settlement regarding charges that the companies misled consumers in connection with their participation in the EU-US...more
It’s been almost one year since the EU-U.S. Privacy Shield (Privacy Shield) came into existence. Its upcoming annual review in September by the European Commission (Commission) and the U.S. Department of Commerce (DOC) – its...more
US companies with employees or clients in Switzerland will be interested to hear that the new Swiss-US Privacy Shield was approved on 11 January. Although Switzerland is not a member of the European Union, its data...more
Businesses have now had four months to get to grips with the new EU-U.S. Privacy Shield for transatlantic data transfers after it came into force in August 2016. As the New Year looms, what are the emerging trends we have...more
Reuters reported earlier this month that, according to three former employees, Yahoo Inc. had “complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo mail accounts at the behest of the NSA...more
On August 1, 2016, the U.S. Department of Commerce began accepting self-certification applications for the new EU-U.S. Privacy Shield Framework. In the month that has followed over 100 companies (including Microsoft, Oracle...more
The European Commission recently determined that the Privacy Shield Framework is adequate to legitimize data transfers under EU law, providing a replacement for the Safe Harbor program. The Privacy Shield is designed to...more
With the August 1st start of the Privacy Shield, the European Commission’s new and long-awaited transatlantic data transfer agreement with the U.S., businesses that had previously relied on the invalidated Safe Harbor scheme...more
Every generation eventually reaches a point (some might call it “early middle age”) where its formative years become the focus of widespread nostalgia. As indicated by the success of the recent Star Wars sequel and numerous...more
On July 12, 2016, the European Commission formally adopted the Privacy Shield, a new transatlantic framework for the transfer of personal data from the European Union (EU) and certain countries of the European Economic Area...more
Beginning on August 1, 2016, U.S. companies have a new way to legally facilitate the transfer of personal data from the European Union to the U.S. Known as the EU-U.S. Privacy Shield, this new agreement between the EU and the...more
Beginning August 1, U.S.-based companies that self-certify their compliance with the EU-U.S. Privacy Shield will be able to import data under the new data transfer framework. But how can your company best prepare? ...more
As of, August 1st, 2016, U.S. companies can now join the Safe Harbor successor EU-U.S. Privacy Shield (the “Privacy Shield”) for personal data transfers from the EU to the U.S. This post gives a high level summary of...more
If your company transfers the personal information of European Union citizens to the United States, you likely have kept a close eye on the evolution of EU privacy law since a European court invalidated the former EU-U.S....more