On 27 June 2024, the Spanish supervisory authority (‘AEPD’) and the European Data Protection Supervisor (‘EDPS’), announced the joint publication of a report addressing the data protection challenges associated with neuro...more
The European Union (EU)’s government organizations are just like any another entity trying to function in a world where global companies and even government entities are reliant on digital platforms for messaging and...more
On 26 April 2023, in case T-557/20 (Single Resolution Board v EDPS), the Court of Justice of the European Union in its General Court configuration (the Court) annulled the decision of the European Data Protection Supervisor...more
In August 2020, privacy activist organization NOYB – European Center for Digital Rights filed 101 complaints with the EU Supervisory Authorities (‘SAs’) in connection with the transfer of personal data from Europe to...more
SEC Division of Examinations Issues Risk Alert on Regulation S-ID and Identity Theft Prevention Programs - On December 5, 2022, the Securities and Exchange Commission (“SEC”) Division of Examinations (“EXAMS”) issued a...more
Recent decisions from the European Union (EU) have placed renewed focus on the use of common cookies used on ecommerce and other websites used by consumers and employees and transfers of personal data collected through...more
“Clear is kind. Unclear is unkind,” according to author Brené Brown. A joint opinion from the European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) on the European Union’s proposed digital...more
Ending months of anxious speculation from privacy lawyers around the globe, the European Commission announced on Friday that it had adopted final versions of the new Standard Contractual Clauses (the “New SCCs”) for the...more
In an increasingly datafied and globalized world, businesses have become reliant upon the seamless flow of cross-border data transfers. Transatlantic data flows play an important role in the U.S. economy. The U.S. and the...more
The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) weigh in on the new Standard Contractual Clauses proposed by the European Commission (EC) for transfers to third countries (new...more
When a controller engages a processor, the GDPR requires that the parties enter into a specific contract that contains certain mandatory provisions. This contract is often referred to as a ‘data processing agreement’ or...more
On 15 January, 2021, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) adopted a joint opinion (“Joint Opinion”) on the draft new sets of Standard Contractual Clauses (“New...more
Last week, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) published a joint opinion on the European Commission’s (“EC”) proposed new set of Standard Contractual Clauses for...more
On December 31, 2020, the Brexit transition period ended and the United Kingdom’s (UK) domestic implementation of the GDPR, the UK Data Protection Act 2018, as amended (UK GDPR), now governs the processing of personal data in...more
italiano: La gestione gel flusso trasfrontaliero dei dati dopo la sentenza Schrems II By: Ivan Rotunno, Giulia Rivarola di Roccella, and Martina Acquaro Following the decision of the European Court of Justice of the European...more
The European Court of Justice’s ruling in Schrems II, invalidating the EU-U.S. Privacy Shield framework as a means of transmitting personal data from the EU to the U.S., has drawn swift reaction from data protection...more
In this month's edition of our Privacy & Cybersecurity Update, we examine a declaration on ethical considerations for artificial intelligence, the annual joint review of the Privacy Shield, a new lawsuit from a snack food...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - United States and China Renew Promise Not to Hack - On October 4, U.S. and Chinese officials agreed to not engage in targeted hacking. Per a...more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
Following twenty-seven EU and U.S. non-profit organizations in their letter of March 16, the Article 29 Working Party (WP29) in its opinion n° 01/2016 of April 13 and the EU Parliament in its resolution of May 26, it is now...more
The push for the European Union and the United States to reopen negotiations over the EU-U.S. Privacy Shield may have just become a shove, due to a recent opinion released by the European Data Protection Supervisor (EDPS)...more
Last week has seen two important developments in relation to the EU-U.S. Privacy Shield (“Privacy Shield”) for transfers of personal information from Europe to the United States. A draft adequacy decision and related...more
European Data Protection Supervisor (EDPS) Giovanni Buttarelli issued his formal opinion on the EU- US Privacy Shield, arguing that while it’s a step in the right direction, “robust improvements” are needed. The EDPS is an...more