Standard Contractual Clauses (SCCs)

The Association of Southeast Asian Nations (ASEAN) and the European Union (EU) have rolled out their completed joint guide on the ASEAN model contractual clauses (MCCs) and EU standard contractual clauses (SCCs).[1]

This is the second half of a two-part guide, with this latter segment focusing on implementation aspects of the MCCs and SCCs.

The UK government has published its “adequacy decision” to allow transfers of personal data from the UK to U.S. businesses that have completed certification to the EU-U.S. Data Privacy Framework (DPF). The UK’s adequacy decision creates a “UK Extension” to the DPF that takes effect on October 12, 2023, a little more than three months after the EU’s adoption of DPF. (Please see our DPF FAQS for more information about DPA.)Continue Reading The UK Adequacy Decision for the EU-U.S. Data Privacy Framework

The deadline for updating standard contractual clauses (SCCs) falls on 27 December 2022, yet many organisations are still struggling to transition their legacy arrangements.

There are many reasons for this, including confusion around the paradigm shift that the new SCCs represent and the ever-evolving transfer landscape (from the developments towards a revised Privacy Shield to

The Cybersecurity Law Report recently featured a guest article from CPW’s Diletta De Cicco and Charles Helleputte. The article sorts out the key aspects of the latest EU FAQs, offers interpretation insights around some more ambiguous provisions, and provides practical thoughts in areas where the FAQs are silent. Check out the full article (subscription

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

2023 State Privacy Laws: How to Assess and Ensure Readiness by Year-end

Malcolm Dowden and Niloufar Massachi Discuss Vendor

In a CLE webinar earlier this week, Malcolm Dowden (Partner, London) and Niloufar Massachi (Associate, Los Angeles) discussed evaluating, drafting, and updating vendor agreements to meet the privacy and security requirements of new US privacy laws and the GDPR.
Continue Reading Malcolm Dowden and Niloufar Massachi Discuss Vendor Contracting Requirements Under New US Privacy Laws and the GDPR