On August 24, 2020, the Data Protection Authority of the German federal state of Baden-Württemberg issued guidance on international data transfers following the judgment of the Court of Justice of the European Union in the Schrems II case.
Continue Reading German DPA Issues Guidance on Data Transfers Following Schrems II
Cross-Border Data Flow
Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision
The U.S. Department of Commerce has issued two new sets of FAQs in light of the CJEU’s recent decision to invalidate the EU-U.S. Privacy Shield in Schrems II. …
Continue Reading Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision
BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid
On July 16, 2020, the Court of Justice of the European Union issued its landmark judgment in the Schrems II case, concluding that the Standard Contractual Clauses issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.…
Continue Reading BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid
Webinar on Schrems II: The Practical Implications for Businesses
In one of the most important cases on global data transfers, the Court of Justice of the European Union (“CJEU”) will rule on the validity of the Standard Contractual Clauses (“SCCs”) in the Schrems II case (case C-311/18) on July 16, 2020. Invalidation of the SCCs would leave businesses scrambling to find an alternative data transfer mechanism. But there may be significant practical challenges for businesses even if the SCCs survive.
…
Continue Reading Webinar on Schrems II: The Practical Implications for Businesses
CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020
In a case that has garnered widespread interest, the Court of Justice of the European Union will deliver its judgement in the Schrems II case (case C-311/18) on July 16, 2020, determining the validity of the controller-to-processor Standard Contractual Clauses as a cross-border data transfer mechanism under the GDPR.…
Continue Reading CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020
Philippines Joins the APEC CBPR System
On March 9, 2020, the APEC Cross-Border Privacy Rules system Joint Oversight Panel approved the Philippines’ application to join the APEC CBPR system.…
Continue Reading Philippines Joins the APEC CBPR System
APEC Endorses Third U.S. CBPR Accountability Agent
The U.S. International Trade Administration recently announced that NCC Group has been approved as an Accountability Agent under the APEC CBPR. The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has published a Q&A on the APEC CBPR and PRP systems.…
Continue Reading APEC Endorses Third U.S. CBPR Accountability Agent
CIPL: Eight Privacy Priorities for 2020 and Beyond
The proliferation of privacy laws is bound to continue as around the world, new privacy laws are coming into force and outdated laws continue to be updated. What should our privacy priorities be for 2020? …
Continue Reading CIPL: Eight Privacy Priorities for 2020 and Beyond
CIPL Issues White Paper on the USMCA’s Impact on U.S. Federal Privacy Law
On January 16, 2020, the Senate approved the United States-Mexico-Canada Agreement, sending it to the President’s desk for ratification.…
Continue Reading CIPL Issues White Paper on the USMCA’s Impact on U.S. Federal Privacy Law
FTC Finalizes Five Privacy Shield Settlements
On January 16, 2020, the Federal Trade Commission announced that settlements with five companies of separate allegations that they had falsely claimed certification under the EU-U.S. Privacy Shield framework had been finalized.…
Continue Reading FTC Finalizes Five Privacy Shield Settlements