On March 25, 2022, the United States and the European Union jointly announced an “agreement in principle” to a new trans-Atlantic data privacy framework to facilitate the cross-border transfer of personal data (the “Framework”).1 As part of the Framework, the US has made “unprecedented commitments” related to intelligence collection and surveillance practices.2 The

On 16 July 2020, the Court of Justice of the European Union (“CJEU“) examined the validity of the European Commission’s Privacy Shield Decision (Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield) as well as the validity of the European Commission’s Decision 2010/87/EC on Standard Contractual Clauses between

Today (16 July 2020) the Court of Justice of the European Union (“CJEU”) delivered its long awaited decision on the validity of the European Commission’s Standard Contractual Clauses (“SCCs”) and the EU-US Privacy Shield (“Privacy Shield”).

Continue reading.

On December 19, the EU Commission (“Commission”) published its report to the European Parliament and the Council on the second review of the functioning of the EU-US Privacy Shield (the “Report”).

To the relief of the 3,850 US companies who have certified to the Privacy Shield, and those entities transferring personal data to them, the

On October 18, 2017, the EU Commission published a report (“Report”) on the first annual joint review of the EU-US Privacy Shield framework (“Privacy Shield”), which took place on September 18-19, 2017, in Washington DC. The Report, which reflects input from the US federal government and feedback gathered from relevant stakeholders, found the

On October 18, 2017, the EU Commission published a report (“Report”) on the first annual joint review of the EU-US Privacy Shield framework (“Privacy Shield”), which took place on September 18-19, 2017, in Washington DC. The Report, which reflects input from the US federal government and feedback gathered from relevant stakeholders, found the

In 2016, e-discovery and information governance saw significant vendor consolidation, new review tools such as native file redaction, more cloud-based review and information governance, the end of the “three-day rule” for CM/ECF filings and a growing conversation about the evidentiary use of the “Internet of Things” (IoT). However, the most significant events of 2016 involved

In a bylined article, Technology Transactions partner Rebecca Eisner (Chicago), Cybersecurity & Data Privacy counsel Kendall Burman (Washington DC) and associate Lei Shen (Chicago) examine the requirements for conducting onward transfers under the new Privacy Shield framework.

Continue reading.

On July 12, 2016, the European Commission and the US Department of Commerce signed the EU-US Privacy Shield agreement, a much-anticipated framework for protecting personal data transferred from the European Union to the United States. Beginning on August 1, companies and other entities in the United States will be able to register with the Commerce