Standard Contractual Clauses

Today, 21 June 2021, the European Data Protection Board (the “EDPB”) has published its final Recommendations 01/2020 on supplementary measures to ensure compliance with data protection laws when transferring personal data from Europe (the “Recommendations”).

The adoption of these Recommendations is the latest in a series of developments which demonstrate that it is

As the European Union finalizes new tools that raise the requirements to transfer personal data across borders, and as the trend toward localization and restricting cross-border movement of data continues to develop in Asia, organizations must reassess the rules that restrict sharing data internationally and revise their approach in response to this increasingly restrictive, complex

Today, 4 June 2021, the European Commission has formally adopted new standard contractual clauses for international personal data transfers from the European Union to third countries (“New EU SCCs”).

The 34-page New EU SCCs, which have been adopted to reflect the introduction of the General Data Protection Regulation (“GDPR”) and the

In an increasingly interconnected world, preserving the free flow of data across borders is crucial to the prosperity of businesses operating in every industry. But over the last year, there have been a number of important data protection developments in Europe that have a direct impact on the supply chain and distribution arrangements operated by

A decision issued on 15 March 2021 by the Bavarian Data Protection Authority (“BayLDA“, publication pending) is the first German enforcement action in connection with last year’s decision of the Court of Justice of the European Union (“CJEU“, “CJEU’s Decision“) on the validity of the European Commission’s Standard Contractual

The Spanish Data Protection Authority (“Agencia Espanola Proteccion Datos – AEPD”) has recently issued its highest fine to date, totaling €8.15 million for several breaches of GDPR and national legislation by a multinational telecommunication company and its service providers. Notably, €2 million of this fine was attributable to its service provider conducting an

On 22 January 2021, it was announced that the Association of Southeast Asian Nations (ASEAN) had approved the new Data Management Framework (DMF) and Model Contractual Clauses for Cross Border Data Flows (MCCs).

ASEAN was established in 1967 with the key aim of improving economic growth and social progress, and collaboration and mutual assistance in

Scenario

A US company is conducting a global internal investigation. To carry it out, the company plans to transfer documents and emails held by its French subsidiary to the company’s US servers for review and analysis. Aware that Europe has stringent data privacy rules, the US in-house counsel is looking for specific guidance on whether

Whilst the UK left the European Union (“EU”) on 31 January 2020 (“Exit Day”) it remained within the EU’s legal framework during the Brexit Transition Period (“Transition Period”). When the Transition Period ends at 11:00 p.m. GMT on 31 December 2020 (“Completion Day”), EU law that was

On 12 November, the European Commission published draft standard contractual clauses for transfers of personal data from the European Union to third countries (“New SCCs“).

Once approved, the New SCCs will replace the previous standard contractual clauses which pre-date the implementation of the General Data Protection Regulation 2016/679 (“GDPR“). The draft