On 13 December 2022, the European Commission published its draft adequacy decision for EU-U.S. data transfers. The draft decision follows the EU-U.S. announcement of an agreement on a new EU-U.S. Data Privacy Framework (“DPF”) in March 2022 as well as the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (“Executive Order”) signed
EU-US Privacy Shield
President Biden Signs Executive Order on U.S. Intelligence Activities to Implement EU-U.S. Data Privacy Framework
On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities,1 which is intended to implement U.S. commitments under the Trans-Atlantic Data Privacy Framework (DPF) announced in March 2022. With the new executive order, the Biden administration aims to strengthen the legal foundation for trans-Atlantic…
US and EU Announce New Trans-Atlantic Data Privacy Framework
On March 25, 2022, the United States and the European Union jointly announced an “agreement in principle” to a new trans-Atlantic data privacy framework to facilitate the cross-border transfer of personal data (the “Framework”).1 As part of the Framework, the US has made “unprecedented commitments” related to intelligence collection and surveillance practices.2 The…
Personal Data Transfers to the US and Other Non-EEA Countries
On 16 July 2020, the Court of Justice of the European Union (“CJEU“) examined the validity of the European Commission’s Privacy Shield Decision (Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield) as well as the validity of the European Commission’s Decision 2010/87/EC on Standard Contractual Clauses between…
Court of Justice Strikes Down the EU-US Privacy Shield But Rules that the Standard Contractual Clauses Can Be a Valid Mechanism for Transfers of Personal Data Outside of the European Union
Today (16 July 2020) the Court of Justice of the European Union (“CJEU”) delivered its long awaited decision on the validity of the European Commission’s Standard Contractual Clauses (“SCCs”) and the EU-US Privacy Shield (“Privacy Shield”).
EU-US Privacy Shield Undergoes Second Review by EU Commission and (Re)Passes the Test—For Certifying Companies, Santa Has Come to Town
On December 19, the EU Commission (“Commission”) published its report to the European Parliament and the Council on the second review of the functioning of the EU-US Privacy Shield (the “Report”).
To the relief of the 3,850 US companies who have certified to the Privacy Shield, and those entities transferring personal data to them, the…
EU Commission: Privacy Shield Framework Adequate but More Can Be Done
On October 18, 2017, the EU Commission published a report (“Report”) on the first annual joint review of the EU-US Privacy Shield framework (“Privacy Shield”), which took place on September 18-19, 2017, in Washington DC. The Report, which reflects input from the US federal government and feedback gathered from relevant stakeholders, found the…
EU Commission: Privacy Shield Framework Adequate but More Can Be Done
On October 18, 2017, the EU Commission published a report (“Report”) on the first annual joint review of the EU-US Privacy Shield framework (“Privacy Shield”), which took place on September 18-19, 2017, in Washington DC. The Report, which reflects input from the US federal government and feedback gathered from relevant stakeholders, found the…
2016 Tips of the Month – A Compilation
In 2016, e-discovery and information governance saw significant vendor consolidation, new review tools such as native file redaction, more cloud-based review and information governance, the end of the “three-day rule” for CM/ECF filings and a growing conversation about the evidentiary use of the “Internet of Things” (IoT). However, the most significant events of 2016 involved…
Onward Transfers of Data Under the Privacy Shield: Keeping the Shield From Becoming a Sword
In a bylined article, Technology Transactions partner Rebecca Eisner (Chicago), Cybersecurity & Data Privacy counsel Kendall Burman (Washington DC) and associate Lei Shen (Chicago) examine the requirements for conducting onward transfers under the new Privacy Shield framework.