Deadline to adopt EU Standard Contractual Clauses - Many organizations uses the European Union’s Standard Contractual Clauses (SCCs) to govern their transfers of personal data from the European Economic Area (EEA) to other...more
Two new United Kingdom (“UK”) data transfer mechanisms, the International Data Transfer Agreement (“IDTA”) and the International Data Transfer Addendum (“UK Addendum”) to the European Union’s (“EU”) new standard contractual...more
Das Portal fragdenstaat.de (Link) hat einen Fragebogen der Hamburgischen Datenschutzbehörde veröffentlicht, mit Hilfe dessen die Behörde die Umsetzung des Schrems-II-Urteils exemplarisch am Einsatz von Office 365 überprüft....more
Last week saw major innovations in the law of data transfer from the European Economic Area (EEA) to other countries, including the United States. This alert covers one of them: new guidelines from the European Data...more
The Data Protection Authority of Rhineland-Palatinate, Germany has issued FAQs on Schrems II, weighing in on the EU-U.S. Privacy Shield and Standard Contractual Clauses. The guidance comes on the heels of FAQs issued recently...more
The fallout from the Schrems II judgment continued on Tuesday with an announcement from Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) that the Swiss-US Privacy Shield regime “does not provide an...more
On July 16, 2020, the Court of Justice of the European Union (“CJEU”) announced their decision in case C-311/18, better known as Schrems II. Late last year, the Advocate General issued a nonbinding opinion declaring the use...more
EU Commissioner Vera Jourova recently announced in a speech to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) that the Commission and the US have made substantial progress in finalizing a...more
On Monday, October 26, European Union Justice Commissioner Vera Jourová delivered a speech before the European Parliament in which she noted that the European Union and the United States had agreed “in principle” on a new...more
With EU Safe Harbor Invalidated, Companies Ask: What Now? - What happens now?: That is the question that businesses across the country are asking after the Court of Justice of the European Union (CJEU) threw out the...more
As all of our readers know by now, as of October 6, the US-EU Safe Harbor Framework is no more. Safe Harbor was the mechanism on which thousands of US companies (and thousands of companies based in the European Union)...more
In a concise statement, the Article 29 Working Party (WP29), a consortium of European Data Protection Authorities (DPAs), released a position paper today about the landmark ruling of the European Court of Justice in...more
On October 16, 2015, EU authorities gave the U.S. and European Union until the end of January 2016 6o find a replacement for the former US-EU Safe Harbor regime, or enforcement actions could begin. The full statement of the...more
Since the Article 29 Working Party on the Protection of Individuals (“WP29”) announced last week that it would it shortly issue a statement on the landmark CJEU ruling invalidating the Safe Harbor Decision (Schrems v. Data...more
Last week, the Court of Justice of the European Union (CJEU) gave an important ruling which any business transferring personal data between the EU and the United States should know about — in particular those that make use of...more
The EU Parliament committee that is charged with considering data protection matters (LIBE) has issued a press release calling on the European Commission to take action before the end of 2015 to come up with alternatives to...more
As we discussed in our blog post last week, on October 6, 2015, the Court of Justice of the European Union issued a judgment that invalidated the EU-U.S. Safe Harbor Framework. For the past 15 years, thousands of companies...more
With the recent ruling that the Safe Harbor programme is invalid under European law, life sciences companies will need to review their strategies when exporting patient data to the United States....more
In a recent landmark decision, Maximillian Schrems v. Data Protection Commissioner, Europe’s highest court struck down a US-EU agreement that allowed companies to move personal electronic data between the European Union and...more
The European Union’s highest court has, effective immediately, invalidated the US-EU Safe Harbor program relied upon by many companies as the basis for lawfully transferring and processing personal information from the EU to...more
On October 6, 2015, the Court of Justice of the European Union (CJEU) announced its determination that the U.S.-EU Safe Harbor program is no longer a “safe” (i.e., legally valid) means for transferring personal data of EU...more
On October 6, 2015, the European Court of Justice — Europe’s highest court — invalidated the Safe Harbor agreement and framework that has permitted more than 4,000 companies to transfer personal data from the EU to the U.S....more