On January 13, 2021, Advocate General Michal Bobek of the Court of Justice of the European Union issued his Opinion in the Case C-645/19 of Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority.
Continue Reading Advocate General Issues Opinion on GDPR’s One-Stop-Shop
Court of Justice of the European Union
Senate Commerce Committee Holds Hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows
On December 9, 2020, the Senate Committee on Commerce, Science and Transportation held a hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows. This post reviews the key topics, witnesses and views expressed during the hearing.…
Continue Reading Senate Commerce Committee Holds Hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows
EDPB Adopts Recommendations on Supplementary Measures for Data Transfers Following Schrems II Decision
On November 11, 2020, the European Data Protection Board published its long-awaited recommendations following the Schrems II judgement regarding supplementary measures that may be implemented to ensure the adequate protection of personal data when transferring the data to third countries.…
Continue Reading EDPB Adopts Recommendations on Supplementary Measures for Data Transfers Following Schrems II Decision
French Highest Court Rejects Temporary Suspension of France’s Health Data Hub; Calls for Additional Guarantees Following Schrems II
On October 13, 2020, France’s highest administrative court issued a summary judgment that rejected a request for the suspension of France’s centralized health data platform, Health Data Hub.…
Continue Reading French Highest Court Rejects Temporary Suspension of France’s Health Data Hub; Calls for Additional Guarantees Following Schrems II
CJEU Restricts Indiscriminate Access to Electronic Communications for National Security Purposes
On October 6, 2020, the Court of Justice of the European Union handed down Grand Chamber judgments determining that the ePrivacy Directive does not allow for EU Member States to adopt legislation intended to restrict the scope of its confidentiality obligations unless they comply with the general principles of EU law.…
Continue Reading CJEU Restricts Indiscriminate Access to Electronic Communications for National Security Purposes
CIPL Publishes Recommendations for International Transfers Post-Schrems II
On September 24, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth released a new paper on the “Path Forward for International Data Transfers under the GDPR after the CJEU Schrems II Decision.”…
Continue Reading CIPL Publishes Recommendations for International Transfers Post-Schrems II
CIPL Publishes Concept Paper on an Interstate Privacy Interoperability Code of Conduct
The Centre for Information Policy Leadership at Hunton Andrews Kurth recently published a concept paper titled “Why We Need Interstate Privacy Rules for the U.S.” This blog entry provides highlights on the paper.…
Continue Reading CIPL Publishes Concept Paper on an Interstate Privacy Interoperability Code of Conduct
U.S. Government Issues White Paper on Data Transfers after Schrems II Decision
On September 28, 2020, the U.S. Department of Commerce, along with the U.S. Department of Justice and the Office of the Director of National Intelligence, released a White Paper entitled Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II (the “White Paper”). The White Paper outlines privacy safeguards in and updates to the U.S. surveillance provisions flagged by the Court of Justice of the European Union (“CJEU”) in its Schrems II decision. It is intended to serve as a resource for companies transferring personal data from the EU to the U.S. in the wake of the CJEU’s decision overturning the EU-U.S. Privacy Shield. Particularly, it focuses on companies relying on Standard Contractual Clauses (“SCCs”) for data transfers, and provides information to help them determine whether the U.S. ensures adequate privacy protections for companies’ data.
…
Continue Reading U.S. Government Issues White Paper on Data Transfers after Schrems II Decision
EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR
On September 7, 2020, the European Data Protection Board released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation. We provide a summary of the key takeaways from the guidelines. …
Continue Reading EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR
Swiss-U.S. Privacy Shield No Longer Considered Adequate by Swiss DPA
On September 8, 2020, the Swiss Data Protection Authority announced in a position statement that it no longer considers the Swiss-U.S. Privacy Shield adequate for the purposes of transfers of personal data from Switzerland to the United States.…
Continue Reading Swiss-U.S. Privacy Shield No Longer Considered Adequate by Swiss DPA