fbpx

Download free GDPR compliance checklist!

Tag Archives for " Privacy Shield "

No grace period after Schrems II Privacy Shield ruling, warn EU data watchdogs

European data watchdogs have issued updated guidance in the wake of last week’s landmark ruling striking down a flagship transatlantic data transfer mechanism called Privacy Shield.

In an FAQ on the Schrems II judgement, the European Data Protection Board (EDPB) warns there will be no regulatory grace period.

Source: No grace period after Schrems II Privacy Shield ruling, warn EU data watchdogs | TechCrunch

What Privacy Shield organizations should do in the wake of ‘Schrems II’

The Court of Justice of the European Union issued its decision in “Schrems II” Thursday, a landmark decision that invalidates the EU-U.S. Privacy Shield arrangement.

Fortunately, the CJEU did not invalidate the European Commission’s standard contractual clauses for transfers to data processors. However, the rationale behind the court’s ruling on Privacy Shield (which focused on concerns about U.S. law and practice on government surveillance) would suggest that companies will need to evaluate their use of SCCs.

So, what now?

Full article: What Privacy Shield organizations should do in the wake of ‘Schrems II’

CJEU Invalidates EU-U.S. Privacy Shield but SCC Remain Valid

On July 16, 2020, the Court of Justice of the European Union (the “CJEU”) issued its landmark judgment in the Schrems II case (case C-311/18).

In its judgment, the CJEU concluded that the Standard Contractual Clauses (the “SCCs”) issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.

Source: Schrems II: CJEU Invalidates EU-U.S. Privacy Shield but SCC Remain Valid

What the outcome of the upcoming ruling in Facebook Ireland vs Schrems can mean for you

On the 16th of July, one of the most anticipated cases in data protection, case C-311/18 — Facebook Ireland versus Schrems — will be delivered by the EU Court of Justice.

The verdict in the groundbreaking “Schrems 2.0” case will dictate whether the widely used Standard Contractual Clauses (SCCs) and the EU/USA Privacy Shield will remain a valid means of transferring personal data to countries outside the EEA under the EU’s GDPR.

Full article: What the outcome of the upcoming ruling in Facebook Ireland vs Schrems can mean for your organisation and how to prepare for the 16th of July

Commission conducting ‘preparatory work’ should ECJ invalidate privacy shield

The European Commission is preparing for the eventuality that the European Court of Justice (ECJ) may invalidate the EU-US data transfer agreement, known as the Privacy Shield, Justice Commissioner Didier Reynders has said.

“We don’t have one plan, but we have some ideas about the different ways to give an answer, following the scope of the decision of the court,” he added, keeping his cards close to his chest, however, on the specifics of how the Commission would react to a legal invalidation of the Privacy Shield.

Source: Commission conducting ‘preparatory work’ should ECJ invalidate privacy shield  – EURACTIV.com

EU-US Privacy Shield passes third Commission ‘health check’

The European Commission published its report on the third annual review of the EU-US Privacy Shield. This despite the EU parliament calling last year for the mechanism to be suspended.

Report outlines that the US continues to ensure an adequate level of protection for personal data transferred from the EU to the 5,000 participating US companies under the Privacy Shield, the improvements made since the second annual review, and the appointments of key oversight and redress bodies, such as the Privacy Shield Ombudsperson.

Moreover, the Report highlights that an increasing number of EU individuals are making use of their rights under the Privacy Shield and that the relevant redress mechanisms are functioning well.

Source: EU-US Privacy Shield passes third Commission ‘health check’ — but litigation looms | TechCrunch

EU and US issue joint statement on the Third Annual EU-U.S. Privacy Shield Review

U.S. Secretary of Commerce Wilbur Ross and EU Commissioner for Justice, Consumers, and Gender Equality Věra Jourová made the joint statement regarding the third annual joint review of the EU-U.S. Privacy Shield Framework.

Officials stated that Privacy Shield ensures that participating companies and relevant government authorities provide a high level of protection for the personal data of EU individuals. The Department of Commerce will revoke the certification of companies that do not comply with Privacy Shield’s vigorous data protection requirements.

The European Commission will publish a report on the functioning of the Privacy Shield. This report will conclude this year’s review process.

Source: Joint Press Statement from Commissioner Věra Jourová and Secretary of Commerce Wilbur Ross on the Third Annual EU-U.S. Privacy Shield Review | U.S. Department of Commerce

Privacy Shield review goes on

US  Administration will host the third annual joint review of the European Union–United States Privacy Shield Framework in Washington, D.C.

This third annual review will bring together key American and European stakeholders to discuss the functioning, value, and integrity of the Privacy Shield Program, which facilitates compliance with European data protection and privacy requirements in support of transatlantic commerce.

Source: Statement from the Press Secretary on the European Union–United States Privacy Shield Framework | The White House

CJEU’s hearing on Schrems II has both sides worried ruling could be sweeping

On July 9 the Court of justice of European Union had its session in so called Schrems II case. The question is; whether U.S. law on the access of national security agencies to the personal data of non nationals, the Foreign Intelligence Service Act, breaks European data protection laws. And if so, does that invalidate currently legal data transfer mechanisms?

Court heard from the Irish Data Protection Commissioner, Facebook, the Electronic Privacy Information Center, DigitalEurope, the Business Software Alliance, the European Commission, the European Data Protection Board, the U.S. government as well as several EU countries and representatives of Max Schrems himself.

The EU court’s Advocate General Henrik Saugmandsgaard Øe said he will give his non-binding opinion in the case December 12 this year, with a full decision expected by early 2020.

Source: CJEU’s hearing on Schrems II has both sides worried ruling could be sweeping

SCHREMS 2.0 – the demise of Standard Contractual Clauses and Privacy Shield?

On July 9th, Europe’s highest court – the Court of Justice of the European Union (CJEU) – is set to hear a case concerning the validity of two key data transfer mechanisms: Standard Contractual Clauses (SCCs) and Privacy Shield – mechanisms widely used by businesses within the European Economic Area (EEA) to legitimise the transfer of personal data to countries outside the EEA.

There is a significant risk the CJEU will declare these transfer mechanisms as invalid. If this happens, many organisations will be left without any practical solution to legitimise the international transfer of personal data outside the EEA and exposure to the threat of GDPR revenue based fines, regulatory sanctions including injunctions and third party claims for compensation.

Read full article: SCHREMS 2.0 – the demise of Standard Contractual Clauses and Privacy Shield?

1 2 3 8
>