Michaela Nebel, Author at Connect On Tech

In EU GDPR

Intra-EU/EEA Standard Contractual Clauses: What you need to know

The European Commission (“EC”) recently issued a set of standard contractual clauses for controllers and processors in the EU/EEA (“Intra-EU SCCs”). The Intra-EU SCCs accompany a wider set of clauses issued for extra-EU/EEA personal data transfers (“Extra-EU SCCs”), covering transfers between different types of data processing actors (processors, controllers, sub-processors etc.). Both of them were published in the Official Journal of the European Union on June 7, 2021. The clauses for intra-EU data processing arrangements…

In Privacy Shield

Podcast Episode 32 – Enforcement of Schrems II – Focus on Germany

June 21, 2021 by Brian Hengesbaugh and Dr Michaela Nebel 1 Min Read

Brian Hengesbaugh is joined by Michaela Nebel to discuss the enforcement of Schrems II, the decision of the Court of Justice of the European Union from last July 2020 where they invalidated the EU-US Privacy Shield with a focus on US government surveillance activities. This podcast looks squarely into enforcement activities in the aftermath of Schrems IIin Germany, and provides insight into the “coordinated audits of international data transfers” announced by various German data protection…

In Data Privacy

The New European Commission Standard Contractual Clauses: What you need to know

The European Commission (“EC”) recently issued its revised standard contractual clauses for data transfers to third countries (“Ex-EU SCCs”) and a companion set of standard clauses for controllers and processors in the EU/EEA (“Intra-EU SCCs”). Both are now published in the Official Journal. The following is an introduction to the core elements of the Ex-EU SCCs and a brief overview of the Intra-EU SCCs. Legal Context The Ex-EU SCCs are a mechanism that companies can…

In Data Privacy

The third anniversary of the GDPR: Looking ahead

May 25, 2021 by Benjamin Slinn, Magalie Dansac Le Clerc, Yann Padova, Dr Michaela Nebel, Raul Rubio, Francesca Gaudino, Jennie Nilsson, Dr Lukas Feiler, Prof. Dr. Michael Schmidl, Nathalja Doing, Radoslaw Nozykowski and Elisabeth Dehareng 27 Mins Read

The 25 May 2021 marks the third anniversary of the GDPR coming into force. As we have moved from preparation for the GDPR to business as usual compliance with the GDPR, regulators have focused on various issues in different jurisdictions. Although we are now three years into compliance with the GDPR being part of our day to day operations, it is clear that interpretation and expectations regarding compliance from the courts and regulators continue to…

In Data Privacy

How does PSD2 interplay with GDPR? New regulatory guidelines published

September 24, 2020 by Sue McLean, Benjamin Slinn and Dr Michaela Nebel 4 Mins Read

Questions continue to arise over the interplay of the second Payment Services Directive (PSD2) with the General Data Protection Regulation (GDPR). Both PSD2 and the GDPR are complex legislation and the relationship between distinct provisions of each law and how they work together is not altogether clear, which has led to uncertainty for payment service providers, including banks. For example, when is “consent” required to access payment data and what does consent mean? To this…