On 28 June 2021, the European Commission issued two adequacy decisions in respect of the UK – one under Regulation (EU) 2016/679 (the EU’s General Data Protection Regulation, or EU GDPR) and another under Directive (EU) 2016/680 (the Law Enforcement Directive).
The European Commission has adopted today the long-awaited new sets of Standard Contractual Clauses: one for use between controllers and processors in the EU/EEA and one for the transfer of personal data to third countries.
European Data Protection Board Publishes Opinions on European Commission’s Draft UK Adequacy Decision
The European Commission published on February 19, 2021 its draft decision granting data protection adequacy status to the UK under Article 45(3) of the GDPR. Once published, the European Commission submitted the draft decision to the European Data Protection Board for its review, which has just issued two opinions: Opinion […]
What has happened? The European Commission has published its draft decision on February 19, 2021 granting data protection adequacy status to the UK under Article 45(3) of the GDPR. The draft decision is currently under review by the European Data Protection Board, which will issue its opinion (not binding) in […]
What has happened? The draft UK-EU post-Brexit Trade Deal provides that transfers of data to the UK from EU Member States will not be treated as “restricted transfers” to a non-EU country for a period of up to six months from January 1, 2021. This will also apply to transfers to […]
On November 10, 2020, the European Data Protection Board issued two new pieces of guidance. Read together, they outline a detailed methodology to follow when conducting data transfers under the EU General Data Protection Regulation – such guidance has been keenly anticipated following the Court of Justice for the European […]
On 3 September 2020, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (the LIBE Committee) held a debate with the EU Commission, the European Data Protection Board and Max Schrems himself to discuss the impact of the Court of Justice of the European Union judgment in the […]
Europe’s Highest Court Invalidates the EU-US Privacy Shield, Casts Doubt on Viability of Model Clauses for Data Transfers to the US
On July 16, 2020, the Court of Justice of the European Union issued a decision that uprooted long-standing legal frameworks on which thousands of US and EU companies have relied to transfer personal data from the EU to the US.
New York Law Journal “The CLOUD Act is about to stir up a legal storm. The act was originally passed in March 2018 to ensure US law enforcement officials could obtain information from US-based communications providers even if that information is stored overseas. But the act has another, more controversial provision: […]
Background The Court of Justice of the European Union Advocate General issued his much‑anticipated opinion in the case commonly known as “Schrems 2.0.” The AG’s opinion is not legally binding. However, it is likely to influence the CJEU’s decision in the case, which is expected to be handed down […]