“The United States shares the values of rule of law and protection of our democracies with our partners in the European Union (EU). Therefore, we are deeply disappointed that the Court of Justice of the European Union (ECJ)...more
“The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce, and the European Commission and Swiss Administration, respectively, to provide companies on both sides of the Atlantic...more
After a number of data protection authorities issued statements demonstrating differing approaches to cross-border transfers to the U.S. in the wake of the Court of Justice of the European Union’s decision in Schrems II (e.g....more
In a landmark decision in what is popularly known as the "Schrems II" case, the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield, the framework that facilitated the transfers of personal data from...more
7/21/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
Privacy Laws ,
SCC ,
U.S. Commerce Department
The European Court of Justice’s ruling in Schrems II, invalidating the EU-U.S. Privacy Shield framework as a means of transmitting personal data from the EU to the U.S., has drawn swift reaction from data protection...more
The Court of Justice of the European Union (CJEU), in its decision in the Schrems II case, has invalidated the EU-U.S. Privacy Shield method for cross-border transfer of personal data from the European Union to the United...more
As lockdown restrictions ease and businesses begin to reopen, the UK Information Commissioner's Office (ICO) has set out the key steps organizations need to consider around the use of personal information. They are:...more
The European Data Protection Board has issued a statement on the adoption by the Hungarian government of derogations from certain data protection and access to information provisions of the European Union's General Data...more
The European Data Protection Supervisor weighs the impact of the COVID-19 on future data protection strategy and fundamental rights.
“Covid-19 is a game changer. Thinking about the EDPS’ strategy for the next five years, we...more
Coronavirus and Data Protection guidance from the Catalan Data Protection Authority:
•Under Articles 6.1.(e) and 9.2.(i) GDPR, health authorities may share health data when this is needed for reasons of public interest in...more
After many data protection authorities (in the European Union and beyond) provided guidance and FAQ's on the relationship between COVID-19 (Coronavirus) and data protection laws (e.g. GDPR), the European Data Protection Board...more
The European Data Protection Board has published draft guidelines for public comment on the data protection aspects of connected vehicles.
Key takeaways:
The Relevant Players-
Non exhaustive list of stakeholders: vehicle...more
2/12/2020
/ Connected Cars ,
Cybersecurity ,
Data Controller ,
Data Protection ,
Draft Guidance ,
Driverless Cars ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
Speak to me in algorithms.
The European Data Protection Board (EDPB) has issued a letter on the appropriateness of the GDPR as a legal framework to protect citizens from unfair algorithms....more
“Perhaps the more urgent need is to share ideas, instead of rushing to share people’s data,” writes European Data Protection Supervisor Wojciech Wiewiórowski.
“More than ever, there is a need to illuminate new paths for...more
The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day two of the event....more
The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day one of the event....more
The European Data Protection Board has issued long-awaited final guidelines for the extraterritorial application of the General Data Protection Regulation (GDPR).
Key changes:
(1) GDPR can apply extraterritorially to some...more
The European Data Protection Supervisor (EDPS) has issued guidance on the concepts of data controller and processor for European Union organizations. Though it covers EU institutions, the guidance contains many concepts that...more
11/14/2019
/ California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
The Information Commissioner of the Isle of Man has issued guidance on “accountability” under GDPR.
Key takeaways:
You need to develop, embed and maintain a culture of data protection in your processing activities, with...more
The European Commission expects the U.S. Department of Commerce (DoC) to request from companies evidence of the privacy provisions of the relevant contracts with third parties to assess compliance with the onward transfer...more
Privacy Shield lives to shield another year (Part 1).
The European Commission has published its third annual report on Privacy Shield....more
The European Data Protection Board (EDPB) has issued final guidelines on the General Data Protection Resolution's (GDPR) legal basis of "Necessary for the Performance of a Contract" (Article 6(1)(b)....more
The UK’s Information Commissioner’s Office shares its thoughts on the complexity of producing or deleting data used to train machine learning algorithms in data subject requests under GDPR....more
The Court of Justice of the European Union has issued its Planet 49 decision.
Key takeaways:
A pre-checked check box is not sufficient consent for the placement of cookies....more
A Facebook “like” is actually more like “in a [Joint Controller] relationship” status, says the Court of Justice of the EU in a long awaited decision in the Fashion ID matter.
At issue: The legal framework surrounding...more