On July 28, 2020, German supervisory authorities issued a statement reiterating the requirement for additional safeguards when organizations rely on Standard Contractual Clauses or Binding Corporate Rules for the transfer of personal data to third countries in the wake of the Court of Justice of the European Union’s invalidation of the Privacy Shield Framework.
Continue Reading Schrems II Update: German SAs Require Additional Safeguards for U.S. Transfers and Max Schrems Set to Challenge Facebook Data Transfers Again
Privacy Shield
EDPB Publishes FAQs on Implications of the Schrems II Case
On July 24, 2020, the European Data Protection Board published a set of Frequently Asked Questions on the judgment of the Court of Justice of the European Union in the Schrems II case.…
Continue Reading EDPB Publishes FAQs on Implications of the Schrems II Case
Regulators Issue Reactions to Invalidation of EU-U.S. Privacy Shield Framework
In the aftermath of the CJEU’s unexpected ruling, organizations in the EU and U.S. that rely on Privacy Shield certification for transfers of EU personal data are awaiting guidance from EU data protection regulators. …
Continue Reading Regulators Issue Reactions to Invalidation of EU-U.S. Privacy Shield Framework
BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid
On July 16, 2020, the Court of Justice of the European Union issued its landmark judgment in the Schrems II case, concluding that the Standard Contractual Clauses issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.…
Continue Reading BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid
FTC Privacy Shield Settlement Requires Company to Obtain Annual Outside Compliance Review
On June 30, 2020, the Federal Trade Commission announced it had entered into a consent agreement with NTT Global Data Centers Americas, Inc., a successor in interest to RagingWire Data Centers, Inc., to settle allegations in a November 2019 Administrative Complaint. …
Continue Reading FTC Privacy Shield Settlement Requires Company to Obtain Annual Outside Compliance Review
Webinar on Schrems II: The Practical Implications for Businesses
In one of the most important cases on global data transfers, the Court of Justice of the European Union (“CJEU”) will rule on the validity of the Standard Contractual Clauses (“SCCs”) in the Schrems II case (case C-311/18) on July 16, 2020. Invalidation of the SCCs would leave businesses scrambling to find an alternative data transfer mechanism. But there may be significant practical challenges for businesses even if the SCCs survive.
…
Continue Reading Webinar on Schrems II: The Practical Implications for Businesses
CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020
In a case that has garnered widespread interest, the Court of Justice of the European Union will deliver its judgement in the Schrems II case (case C-311/18) on July 16, 2020, determining the validity of the controller-to-processor Standard Contractual Clauses as a cross-border data transfer mechanism under the GDPR.…
Continue Reading CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020
EDPB Releases 2019 Annual Report
On May 18, 2020, the European Data Protection Board released its Annual Report providing details of the EDPB’s work in 2019. …
Continue Reading EDPB Releases 2019 Annual Report
CJEU to Deliver Judgement on Validity of Standard Contractual Clauses on July 16, 2020
The Court of Justice of the European Union has announced via its Twitter feed that it will deliver its judgement in the Schrems II case on July 16, 2020.…
Continue Reading CJEU to Deliver Judgement on Validity of Standard Contractual Clauses on July 16, 2020
FTC Finalizes Five Privacy Shield Settlements
On January 16, 2020, the Federal Trade Commission announced that settlements with five companies of separate allegations that they had falsely claimed certification under the EU-U.S. Privacy Shield framework had been finalized.…
Continue Reading FTC Finalizes Five Privacy Shield Settlements