On July 10, 2023, the EU Commission approved the EU-U.S. Data Privacy Framework (“EU-US DPF”) as a valid transfer mechanism for sharing personal data from European Economic Area countries (those in the EU plus Iceland,...more
7/13/2023
/ Adequacy Requirement ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
Framework Agreement ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Norway ,
Popular ,
Self-Certification ,
Switzerland ,
UK
Top 3 Takeaways -
On Friday, June 4, 2021, the European Commission adopted two sets of standard contractual clauses, one for use between controllers and processors and one for the transfer of personal data to “third...more
Today, July 16, 2020, the EU’s top court, the Court of Justice of the European Union (CJEU), issued its highly anticipated decision in the Schrems II case. In doing so, CJEU has invalidated the EU-US Privacy Shield Framework...more
If your company holds or collects data in the US, the UK and elsewhere in the EU, you should be mapping out how data flows through those jurisdictions in anticipation of the UK “crashing out” of the European Union in October,...more
Privacy Shield participants must update their privacy notices by March 29, 2019 (if the UK crashes out of the EU then with no deal) to continue to rely on the Privacy Shield for UK to US transfers post-Brexit. Privacy Shield...more
3/19/2019
/ Corporate Counsel ,
Data Protection ,
Data Protection Authority ,
EU-US Privacy Shield ,
International Data Transfers ,
No-Deal Brexit ,
Personal Data ,
Privacy Policy ,
Swiss Privacy Shield ,
UK Brexit ,
Withdrawal Agreement
The EU’s General Data Protection Regulation goes into effect on May 25, 2018. GDPR replaces the EU Data Protection Directive. GDPR can apply to US-based businesses even if they do not have offices or employees in the EU. It...more
5/3/2018
/ Breach Notification Rule ,
Cybersecurity ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information
The EU’s General Data Protection Regulation goes into effect on May 25, 2018. GDPR replaces the EU Data Protection Directive. GDPR can apply to US-based businesses even if they do not have offices or employees in the EU. It...more
Follow our three-question flowchart to answer the question: “Does GDPR Apply to You?” If “Yes” then you may be required to designate a Data Protection Officer (“DPO”) by May 25, 2018, when the GDPR applies.
Follow our...more
On January 11, 2017, the Swiss Federal Council announced that a new framework will govern the transfer of personal data from Switzerland to the US. According to the Federal Council, the Swiss-US Privacy Shield Framework...more