EU-US Safe Harbor

2022 was another eventful year in the realm of privacy, security and innovation.  Privacy World was there every step of the way, to keep you informed on key developments.  Starting next week, we will be rolling out our popular Year in Review series.  As a lead up to that, below are our ten most popular

The European Commission (the “Commission”) published today its draft adequacy decision for the US (the “Draft Decision”). This paves the way for an institutionalized personal data transfer mechanism across the Atlantic to emerge (and already raises the prospects of it being under scrutiny again).

If your pre- holidays’ workload (that also includes the transition of your old SCCs to the new ones, another transfer duty, does not allow you to read the full 134-page Draft Decision, here is a little tour of what you need to know before it becomes final (and this might still take some time).
Continue Reading Third Time Lucky or Schrems III? The European Union Data Pact with the US Moves One Step Closer (To Be Challenged – Again)

On December 9, 2021, Ann LaFrance, SPB Senior Partner and Vice President of the International Institute of Communications (“IIC”), moderated a panel discussion involving U.S. and international stakeholders’ perspectives on privacy and data protection trends and  the value of interoperability in cross-border data transfers at the IIC’s (virtual) annual Telecommunications & Media Forum

On 18 October 2017, the European Commission (“Commission”) published its first annual report on the functioning of the US-EU Privacy Shield (“the Report”), the successor to the Safe Harbor framework after its invalidation in Schrems. The Report will be widely welcomed by businesses on both sides of the Atlantic as the Commission continues to back the Privacy Shield. In particular, the finding that the United States continues to ensure an adequate level of protection for personal data transferred from the EU to self-certified organizations in the US under the Privacy Shield sends a positive signal to businesses that rely on transatlantic data flows. This is especially important in light of the ongoing judicial challenges that the Commission’s approved standard contractual clauses, also referred to as model clauses, currently face.
Continue Reading Privacy Shield: First Annual Review Report Published

On October 3, 2017, the Irish High Court issued a judgment in the “Schrems II” case, which raises the issue of whether the EU Commission’s decision approving the EU’s Standard Contractual Clauses (SCCs) should be invalidated. The Court has decided to refer various issues to the Court of Justice of the European Union (CJEU) and is seeking comment from the parties involved with regard to the questions that should be raised.
Continue Reading Irish High Court Issues Judgment in “Schrems II” Case