NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Summary - In its judgement of 11 July 2024 (C-757/22), the European Court of Justice (‘ECJ’) ruled that the violation of a controller’s information obligations under Art. 12 and 13 GDPR, can be subject to a representative...more
On March 7, 2024, the European Court of Justice (CJEU) issued a landmark ruling on digital advertising and the concepts of personal data and joint controllership under the General Data Protection Regulation (GDPR)....more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
Key Point: The European Commission has adopted an adequacy decision for the EU-U.S. Data Privacy Framework, which allows certain businesses to transfer data from the EU to the U.S. without the need for additional transfer...more
On July 10, 2023, the European Commission concluded that the US ensures an adequate level of protection for personal data transferred from the European Union to US companies under the new EU-US Data Privacy Framework. Based...more
On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo announced that the U.S. fulfilled its commitments that were prerequisites to the implementation of the EU-U.S. Data Privacy Framework (Framework). These steps are...more
At the end of June, the European Data Protection Board (EDPB) published its Recommendations (Recs) on Binding Corporate Rules (BCRs). Among other things, the Recs require existing and in process BCRs to: - Incorporate...more
A Fresh Perspective on Data Protection and Damages - Opening statements by Peter Hense at a University of Vienna panel titled "EU Future Talks, Non-Material Damages for GDPR Violations: Quo Vadis Österreichische Post...more
As we wrote in July 2020, the European Court of Justice issued a landmark decision that invalidated the Privacy Shield as untenable under the European General Data Protection Regulation (GDPR). The decision sparked...more
While claims for damages in the event of data protection violations have theoretically existed for some time, they have been gaining in importance since the introduction of the General Data Protection Regulation ("GDPR")....more
On March 25, 2022, U.S. President Joe Biden and European Commission President Ursula von der Leyen announced that the U.S. and the EU have reached a political agreement in principle on a new Trans-Atlantic Data Privacy...more
NGE Corporate & Securities partner John Koenigsknecht recently interviewed Data Privacy & Information Governance partner David Wheeler about the new standard contractual clauses and the complex task of assessing and...more
Last year, the COVID-19 pandemic brought about a global market disruption across multiple industries, and manufacturers expect the pandemic to continue to affect the automotive industry through 2021. The pandemic has not...more
Melina Efstathiou of Eversheds joins Bill and Rob to discuss this summer’s surprise decision by the European Court of Justice invalidating the EU-US Privacy Shield. The three will also dive into the current state of other...more
The Belgian Data Protection Authority (DPA) has published brief guidance concerning the European Court of Justice (ECJ) judgement on the European Commission’s adequacy decision provided by the EU-US data Privacy Shield...more
Cross-border and international discovery can be complicated. And the recent invalidation of the EU-U.S. Privacy Shield Program by the European Union Court of Justice in Irish Data Protection Commissioner v. Facebook Ireland...more
The Court of Justice of the European Union (CJEU) sent shockwaves through the privacy community last week. As Jonathan Armstrong of Cordery explains in this podcast, it put an effective end to the Privacy Shield because of...more
In its long awaited judgment in the Schrems II case, the ECJ has this morning invalidated the EU-US Privacy Shield citing the “limitations on the protection of personal data arising from the domestic law of the United States...more
On Tuesday, September 24, 2019, the European Court of Justice issued two rulings that further defined the right to be forgotten under European laws. The right to be forgotten, also known as the right to erasure, is a...more
A Facebook “like” is actually more like “in a [Joint Controller] relationship” status, says the Court of Justice of the EU in a long awaited decision in the Fashion ID matter. At issue: The legal framework surrounding...more
On July 31, 2018, the Irish Supreme Court made the unprecedented decision to grant Facebook leave to appeal the Irish High Court’s referral of certain matters in an ongoing data privacy case to the European Court of Justice...more
The European Court of Justice (ECJ) in Luxembourg rendered a judgment on July 12 that explains, among other things, what a (joint) data controller is. The judgment is on the “old” EU Data Protection Directive 95/46/EC, but...more
Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more
The European Union announced on October 26, 2015, that it had reached an agreement “in principle” with the United States on a new transatlantic data-sharing pact—though a final agreement between the parties is likely still...more
On October 20, the U.S. House of Representatives passed the Judicial Redress Act (the “Act”) to allow European Union residents to challenge certain privacy violations by the U.S. government in U.S. courts. If passed by the...more