43 Results

schrems

Search

The European Court of Justice (“ECJ”) issued a landmark ruling earlier today that invalidates the EU – US Privacy Shield Framework (“Privacy Shield”) in Case C-311/18 (“Schrems II”).

Following our previous analysis of the consequences of the opinion of the advocate general Hendrik Saugmandsgaard Øe (a.g.) in the Schrems II case, from the data exporter perspective (available here), we now focus on the implications of the same with respect to the position of the data importer. Indeed, in the following paragraphs, we will turn our attention to the content of the Controller to Processor Standard Contractual Clauses (SCC) and, in particular, to some…

In this blog post we further analyse the impacts of the opinion of the advocate general Hendrik Saugmandsgaard Øe (a.g.) in the Schrems II case. We will focus, more specifically, on what it means for data exporters and what consequences there may be for them, if the decision of Court of Justice of the European Union (CJEU) on the case is consistent with the a.g’s opinion. Data importers will be the focus of another post,…

Francesca Gaudino, a partner in Baker McKenzie’s Milan office, joins this episode of Connect on Tech to discuss the December 18th opinion issued by the Advocates General (AG) of the Court of Justice of the European Union on Data Protection Commissioner v Facebook Ireland (Shrems II). In this episode you will learn: What this opinion means for the resolution of the case View of the AG on standard contractual clauses and how this may affect…

The European Union’s highest court, the Court of Justice of the European Union (CJEU), is evaluating the legitimacy of the EU standard contractual clauses (SCC). SCCs have been the bedrock of cross-border personal data transfers outside the EU for many years. Today, the advocate general (a.g.) has rendered an opinion on the Schrems II case. By way of brief background, Schrems II is a case before the Court of Justice of the European Union (CJEU)…

Fact is that it is not per se illegal to transfer data from the EEA to the U.S. What has changed is that the blanket permission for transatlantic data transfers from the EEA to Safe Harbor certified U.S. companies has fallen away. Nonetheless, alternative transfer mechanisms, in particular Binding Corporate Rules and Standard Contractual clauses may be relied upon for lawfully transferring data from the EEA to the U.S. Further, derogations such as consent and performance of…

On 19 November 2015, the French data protection authority (“CNIL”) published a set of guidelines and FAQs providing guidance to French businesses currently transferring, or planning to transfer, personal data from the EU to the U.S. What Options Are Available For Transferring Personal Data From France To the U.S.?CNIL expressly states that transferring personal data from France to the U.S. on the basis of Safe Harbor is no longer an option. It further confirms that, while…

*Article originally posted on IAPP.org* We are all hopeful the U.S. government can reach an agreement with the European Commission and other EU authorities on a so-called “Privacy Shield 2.0” in the near term. Such an updated arrangement is essential to provide certainty to trans-Atlantic business and assure a high level of protection for personal data transfers. But what’s next? Over recent years, we have witnessed the Court of Justice of the European Union invalidate…

Happy Data Protection Day! The 28 January each year is celebrated as Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2021, we have summarised some of the key trends and developments in the EU, UK and beyond from a data protection perspective and looking ahead to what to expect for 2021. You can jump to specific country…

There have been a number of EU and UK developments affecting transfers of personal data. We summarise the key ones below and set out some practical steps to take in light of these developments. Any organisation which transfers personal data to or from the EU27 will need to work out what changes are required to address these new developments. We won’t have full clarity until the European Commission and EDPB finalise their current drafts but…