fbpx

Download free GDPR compliance checklist!

Tag Archives for " Privacy Shield "

Intensifying Negotiations on transatlantic Data Privacy Flow

On March 25 EU Commissioner for Justice, Didier Reynders, and U.S. Secretary of Commerce, Gina Raimondo made a statement regarding future of transatlantic data flows.

The U.S. Government and the European Commission have decided to intensify negotiations on an enhanced EU-U.S. Privacy Shield framework to comply with the July 16, 2020 judgment of the Court of Justice of the European Union in the Schrems II case.

Source: Intensifying Negotiations on transatlantic Data Privacy Flow

Surveillance Concerns Could Hold Up European-U.S. Data Agreement for Years

One of the European Union’s top officials has warned negotiations with the U.S. over a new data-transfer agreement could take years rather than months.

EU officials hope to start new talks soon with U.S. Secretary of Commerce Gina Raimondo, whom the Senate confirmed last Tuesday and who is responsible for sealing a new trans-Atlantic data-flow deal.

It will be difficult to find a solution that protects Europeans’ data from U.S. law enforcement and intelligence authorities, EU Justice Commissioner Didier Reynders said in an interview.

Source: Surveillance Concerns Could Hold Up European-U.S. Data Agreement for Years

Senate Commerce Committee Holds Hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows

On December 9, 2020, the Senate Committee on Commerce, Science and Transportation held a hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows.

The hearing explored the policy issues that led to the Court of Justice of the European Union’s (CJEU) invalidation of the Privacy Shield framework in the Schrems II ruling. The hearing also discussed effects of the CJEU’s decision on U.S. businesses and what steps the U.S. government may take to develop a successor data transfer framework, including comprehensive federal privacy legislation.

Source: Senate Commerce Committee Holds Hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows | Privacy & Information Security Law Blog

New EU-U.S. data transfer pact not any time soon

Companies hoping the EU and the new U.S. administration will soon strike a new transatlantic data transfer pact to replace one struck down by a court will probably have to wait months for any result, the head of the EU privacy watchdog said on Friday.

“I don’t expect a new solution instead of Privacy Shield in the space of weeks, and probably not even months, and so we have to be ready that the system without a Privacy Shield like solution will last for a while,” told  European Data Protection Supervisor (EDPS) Wojciech Wiewiorowski.

Source: New EU-U.S. data transfer pact? Not any time soon, says EU privacy watchdog | Reuters

EU-US data transfer clarity may take several months, warns head of EDPS

European Data Protection Supervisor (EDPS) Wojciech Wiewiorowski says he does not expect a new solution to the Privacy Shield problem for several months, as the Biden administration grapples with other priority issues.

The head of the EDPS told Reuters said he is doubtful that EU businesses will receive clarity in the coming weeks and months over the uncertainty around EU-US data transfers.

Source: EU-US data transfer clarity may take several months, warns head of EDPB

European recommendations following Schrems II Privacy Shield ruling cast doubt on cloud encryption practices

The European Data Protection Board (EDPB) has issued guidance that calls into question recommendations to cloud services providers in responding to the Schrems II ruling, which struck down the Privacy Shield arrangement for moving data from the EU to the US.

The EDPB, which is responsible for European data protection law, said encryption could safeguard against contravening the ruling, but only when keys remain within the EU or trusted third countries.

Full article: European recommendations following Schrems II Privacy Shield ruling cast doubt on cloud encryption practices • The Register

European Data Protection Board Issues Schrems II Recommendations

Following the Court of Justice of the European Union’s (“CJEU”) decision in Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems on 16 July 2020 (Schrems II), the European Data Protection Board (EDPB) on 11 November 2020 issued its anticipated recommendations describing how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the Schrems II ruling.

The EDPB on November 11 issued two sets of recommendations. The first set of recommendations covers the assessment and supplementary measures data exporters may need to adopt to ensure compliance with the EU level of personal data protection (“Supplementary Measures Recommendations”). The second set of recommendations lays down the elements to be used to examine whether surveillance measures allowing access to personal data by public authorities in a third country can be regarded as a justifiable interference with the level of data protection guaranteed in principle by the EU (“European Essential Guarantees Recommendations”).

These recommendations are applicable immediately but are open for public consultation until November 30.

Source: European Data Protection Board Issues Schrems II Recommendations

Privacy Shield Is Gone. So What Now?

With companies no longer able to rely on Privacy Shield for protection, companies have two main options available to them: to localize data storage and/or to strengthen their SCCs.

Other options include strong encryption, use of federated data and differential privacy.

The revocation of Privacy Shield does not have to result in a security vacuum. On the contrary, a secure data solution can protect a company from even the most stringent regulations.

Full article: Privacy Shield Is Gone. So What Now? – CPO Magazine

Data Protection Commission hit with massive legal bill after Facebook privacy case

Austrian privacy activist Max Schrems said: “The Irish taxpayer now has to pick up parts of the bill.”

The Data Protection Commission must pay the legal costs of Austrian privacy activist Max Schrems regarding a landmark EU ruling concerning Facebook, with the final bill likely to total in excess of €2m.

Such a bill would amount to in excess of 10% of the DPC’s entire annual budget.

Source: Data Protection Commission hit with massive legal bill after Facebook privacy case

EU data transfer laws might destroy Transatlantic commerce

Data privacy decisions from Europe this summer may have a large impact Transatlantic commerce.

In fact, if the U.S. and the EU don’t find a way to overcome the sudden hurdles placed in front of Transatlantic commerce, billions of dollars in trade are in jeopardy. Whether Congress takes the easy way, or trade representatives and courts are compelled to take the hard way, the cost of not seeking a resolution to this uncertainty is enormous.

Full article: EU data transfer laws might destroy Transatlantic commerce | TheHill

1 2 3 10
>