On July 28, 2020, German supervisory authorities issued a statement reiterating the requirement for additional safeguards when organizations rely on Standard Contractual Clauses or Binding Corporate Rules for the transfer of personal data to third countries in the wake of the Court of Justice of the European Union’s invalidation of the Privacy Shield Framework.
Continue Reading Schrems II Update: German SAs Require Additional Safeguards for U.S. Transfers and Max Schrems Set to Challenge Facebook Data Transfers Again

On July 22, 2020, the European Data Protection Board adopted an information note to assist organizations relying on Binding Corporate Rules for international personal data transfers, as well as supervisory authorities, in preparing for the end of the Brexit implementation period on December 31, 2020.
Continue Reading EDPB Adopts Information Note on BCRs in Preparation for Brexit

On July 16, 2020, the Court of Justice of the European Union issued its landmark judgment in the Schrems II case, concluding that the Standard Contractual Clauses issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.
Continue Reading BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid

On June 30, 2020, the Federal Trade Commission announced it had entered into a consent agreement with NTT Global Data Centers Americas, Inc., a successor in interest to RagingWire Data Centers, Inc., to settle allegations in a November 2019 Administrative Complaint.
Continue Reading FTC Privacy Shield Settlement Requires Company to Obtain Annual Outside Compliance Review

In a case that has garnered widespread interest, the Court of Justice of the European Union will deliver its judgement in the Schrems II case (case C-311/18) on July 16, 2020, determining the validity of the controller-to-processor Standard Contractual Clauses as a cross-border data transfer mechanism under the GDPR.
Continue Reading CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020

On July 9, 2020, the European Commission adopted a Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions aimed to help national authorities, businesses and citizens prepare for the end of the Brexit transition period on December 31, 2020.
Continue Reading European Commission Adopts Communication on Brexit Readiness