Court of Justice of the European Union

Subscribe to Court of Justice of the European Union

On April 27, 2021, the Portuguese Data Protection Authority ordered the National Institute of Statistics to suspend, within 12 hours, any international transfers of personal data to the U.S. or other third countries that have not been recognized as providing an adequate level of data protection.
Continue Reading Portuguese DPA Orders Suspension of U.S. Data Transfers by Agency That Relied on SCCs

On April 22, 2021, the Belgian Constitutional Court annulled the framework set forth by the Law of 29 May 2016 requiring telecommunications providers to retain electronic communications data in bulk.
Continue Reading Belgian Constitutional Court Annuls Data Retention Framework for Electronic Communications Data

France’s highest administrative court recently issued a summary judgment that rejected a request for the suspension of the partnership between the French Ministry of Health and Doctolib, a leading provider of online medical consultations in Europe, for the management of COVID-19 vaccination appointments.
Continue Reading French Highest Court Rejects Suspension of Partnership with EU Service Provider Using AWS; Extends Application of the Schrems II Requirements

On December 9, 2020, the Senate Committee on Commerce, Science and Transportation held a hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows. This post reviews the key topics, witnesses and views expressed during the hearing.
Continue Reading Senate Commerce Committee Holds Hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows

On November 11, 2020, the European Data Protection Board published its long-awaited recommendations following the Schrems II judgement regarding supplementary measures that may be implemented to ensure the adequate protection of personal data when transferring the data to third countries.
Continue Reading EDPB Adopts Recommendations on Supplementary Measures for Data Transfers Following Schrems II Decision

On October 13, 2020, France’s highest administrative court issued a summary judgment that rejected a request for the suspension of France’s centralized health data platform, Health Data Hub.
Continue Reading French Highest Court Rejects Temporary Suspension of France’s Health Data Hub; Calls for Additional Guarantees Following Schrems II

On October 6, 2020, the Court of Justice of the European Union handed down Grand Chamber judgments determining that the ePrivacy Directive does not allow for EU Member States to adopt legislation intended to restrict the scope of its confidentiality obligations unless they comply with the general principles of EU law.
Continue Reading CJEU Restricts Indiscriminate Access to Electronic Communications for National Security Purposes

The Centre for Information Policy Leadership at Hunton Andrews Kurth recently published a concept paper titled “Why We Need Interstate Privacy Rules for the U.S.” This blog entry provides highlights on the paper.
Continue Reading CIPL Publishes Concept Paper on an Interstate Privacy Interoperability Code of Conduct