On August 7, 2023, the Commissioner of Data Protection of the Dubai International Financial Centre (the DIFC), a financial free-zone in the United Arab Emirates, issued the first adequacy decision regarding the California...more
8/18/2023
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Dubai ,
Information Governance ,
International Data Transfers ,
Personal Data ,
United Arab Emirates (UAE)
On 8 June 2023, the UK Prime Minister and the US President jointly announced a commitment to a renewed partnership between the countries, and a framework for economic and diplomatic co-operation (the “Atlantic Declaration”1)....more
On Tuesday, December 13, the European Commission initiated its long-awaited process towards the adoption of an adequacy decision for the European Union (EU)-U.S. Data Privacy Framework (EU-U.S. DPF), which aims to address the...more
Key Points -
President Biden has signed the long-awaited executive order implementing U.S. commitments to the new successor agreement to the Privacy Shield, the EU-U.S. Data Privacy Framework—a historic step in respect of...more
10/20/2022
/ Biden Administration ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Transfers ,
EU-US Privacy Shield ,
European Commission ,
Executive Orders ,
General Data Protection Regulation (GDPR) ,
International Data Transfers
On September 27, 2021, all new contracts that involve cross-border personal data transfers must incorporate the updated standard contractual clauses (“New SCCs”) for controllers and processors. On June 4, 2021, the European...more
On August 20, 2021, the 30th session of the Standing Committee of the 13th National People’s Congress (NPC) adopted China’s new PRC Personal Information Protection Law (PIPL), which will take effect on November 1, 2021. The...more
8/27/2021
/ China ,
Criminal Liability ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Use Policies ,
International Data Transfers ,
National Security ,
Personal Information
Recent developments in the tech sector in China, including government directives concerning heightened regulatory scrutiny of tech companies listed or looking to list in the US or on exchanges in other overseas jurisdictions,...more
The European Commission recently published two highly anticipated draft documents to facilitate data transfers. The first was the new, updated and modernised standard contractual clauses (“New SCCs”) for the transfer of...more
On November 10, 2020, the recently established Taskforce of the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area (EEA),...more
On Wednesday, December 9, the Senate Commerce, Science and Transportation Committee held a hearing titled “The Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows.” During the hearing, both...more
A coalition of African nations have developed a data protection framework with the goal of centralizing data protection laws and the digital economy across Africa. Currently, five countries, including Nigeria, are testing the...more
10/28/2020
/ Africa ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Transfers ,
Information Security ,
International Data Transfers ,
Multinationals ,
New Guidance ,
Personal Data ,
Personally Identifiable Information
The U.S. Department of Commerce, Department of Justice, and Office of the Director of National Intelligence have prepared a White Paper providing a detailed discussion and analysis of the July 16th Data Protection...more
10/1/2020
/ Court of Justice of the European Union (CJEU) ,
Data Protection ,
Department of Justice (DOJ) ,
Departments of Commerce ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses ,
White Papers
Two developments in the United Kingdom demonstrate the country’s renewed commitment to a sustainable data strategy with appropriate privacy and security safeguards. First, on September 9, 2020, the U.K. government published a...more
9/30/2020
/ Artificial Intelligence ,
Cyber Threats ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Data Storage ,
International Data Transfers ,
Personal Data ,
Research and Development ,
UK
The Federal Data Protection and Information Commissioner (FDPIC) has determined that the Swiss-United States Privacy Shield does not provide an adequate level of data protection for data transfers from Switzerland to the U.S....more
9/30/2020
/ Binding Corporate Rules ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
EU-US Privacy Shield ,
International Data Transfers ,
Personally Identifiable Information ,
Risk Assessment ,
Standard Contractual Clauses ,
Swiss Privacy Shield ,
Switzerland
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
9/14/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information
On July 16, 2020, the Grand Chamber of the Court of Justice of the European Union (CJEU) in Luxembourg handed down its highly anticipated judgment in a case brought by privacy activist Max Schrems (C-311/18, Data Protection...more
7/20/2020
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Safe Harbors ,
Standard Contractual Clauses
The EU General Data Protection Regulation (GDPR), which revised and sought to ensure greater harmonization of the European Union’s data protection framework, took effect in May 2018. Among the changes it introduced was the...more
2/21/2019
/ Cybersecurity ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
EU ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
Goods or Services ,
International Data Transfers ,
Proposed Guidance
• Non-profit organizations are testing companies’ GDPR compliance through targeted requests for information and other means and are filing complaints against allegedly non-compliant companies.
• Main areas for non-profit...more
1/28/2019
/ Australia ,
CNIL ,
Cybersecurity ,
Data Collection ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
Google ,
International Data Transfers ,
Nonprofits ,
Personal Data ,
Popular ,
Request For Information
On August 1, 2016, the Department of Commerce began accepting applications for self-certification under the new Privacy Shield requirements. Privacy Shield was approved by the European Union (EU) on July 12, 2016, and...more
On July 8, 2016, the European Commission Article 31 Committee, consisting of representatives from each of the EU member states, approved the revamped EU-U.S. Privacy Shield. This news marks a significant step forward for the...more
Wednesday, February 3, brought additional developments pertaining to the transfer of personal data from the EU to the U.S. consistent with EU privacy law. Just one day prior, we reported on the announcement by the EU and U.S....more
On December 15, 2015, European Union (“EU”) politicians and officials reached a political agreement on a new EU-wide legal framework to govern data sharing and collection and related consumer privacy rights. It is called the...more
In the wake of the European Court of Justice’s (“CJEU”) landmark decision of Schrems v. Data Protection Authority earlier this month, the EU Justice Commissioner Vera Jourova announced this week that the EU has “agreed in...more
11/2/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Protection Authority ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Model Contracts ,
National Security Agency (NSA) ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
If you read one thing...
- Just this week, Europe's highest court struck down the U.S.-EU Safe Harbor Framework, stating that it failed to adequately protect the privacy rights of EU citizens.
- The ruling,...more