fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " Privacy Shield "

Privacy Shield and Standard Contractual Clauses will be assessed by European Courts

On the first and second of the July, the General Court of the European Union (which is part of the Court of Justice of the European Union (CJEU)) will hear a case against the EU-U.S. Privacy Shield brought by three French NGOs, La Quadrature du Net, French Data Network and Fédération FDN.

A week later, on 9 July, the CJEU will hear arguments in Schrems II, in which the Irish High Court has referred 11 questions relating to whether the European Commission’s Standard Contractual Clauses (SCCs) provide an adequate level of protection for personal data which is transferred to the US.

Judgments in these cases are expected towards the end of 2019 or beginning of 2020. there is high probability that either or both the Privacy Shield and SCCs will be invalidated as a mechanism for transferring personal data outside the EU, in a similar manner to the invalidation of Safe Harbor in 2015.

Source: Transfers on Trial: Privacy Shield and Standard Contractual Clauses go before the European Courts

Privacy Shield complaint to be heard by Europe’s top court in July

A legal challenge to the EU-US Privacy Shield, a mechanism used by thousands of companies to authorize data transfers from the European Union to the US, will be heard by Europe’s top court this summer.

The General Court of the EU has set a date of July 1 and 2 to hear the complaint brought by French digital rights group, La Quadrature du Net, against the European Commission’s renegotiated data transfer agreement which argues the arrangement is still incompatible with EU law on account of US government mass surveillance practices.

Source: EU-US Privacy Shield complaint to be heard by Europe’s top court in July

Supreme Court dismisses Facebook appeal over transfer of user personal data to the US

Ireland’s Supreme Court has dismissed Facebook’s appeal over a High Court decision to refer key issues concerning the validity of European Commission decisions approving EU-US data transfer channels to the Court of Justice of the EU.

The referral was made by the High Court in proceedings by the Data Protection Commissioner (DPC) arising from complaints by Austrian lawyer Max Schrems the transfer of his personal data by Facebook to the US breached his data privacy rights as an EU citizen.

Source: Supreme Court dismisses Facebook appeal over transfer of user personal data to the US – Independent.ie

EU Data Protection Board not happy with EU-US Privacy Shield second review

On December 19, the EU Commission released its report on the second review of the EU-US Privacy Shield arrangement, the mechanism that allows for the transfer of data between the EU and the US. Overall, the Commission fins that the US authorities has taken steps to improve the functioning of the framework.

On January 24, the EU Data Protection Board gathering all EU data protection authorities announced that due to substantial shortcomings, the EU-US Privacy Shield risk could be struck down by the European Court of Justice later this year.

Source: EU-US Privacy Shield second review: “it’s mostly fine” says the Commission, “not really” replies the EU Data Protection Board

Department of Commerce Updates Privacy Shield FAQs to Clarify Applicability to UK Personal Data

On December 20, 2018, the Department of Commerce updated its frequently asked questions on the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks to clarify the effect of the UK’s planned withdrawal from the EU on March 29, 2019.

The FAQs provide information on the steps Privacy Shield participants must take to receive personal data from the UK in reliance on the Privacy Shield after such time.

Source: Department of Commerce Updates Privacy Shield FAQs to Clarify Applicability to UK Personal Data | Privacy & Information Security Law Blog

New FPF Study Documents More Than 150 European Companies Participating in the EU-US Data Transfer Mechanism

Week ago the European Commission published its second annual review of the EU-U.S. Privacy Shield, finding that “the U.S. continues to ensure an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S.” The decision preserves a key data transfer agreement, supporting transatlantic trade and ensuring meaningful privacy safeguards for consumers.

Full article: New FPF Study Documents More Than 150 European Companies Participating in the EU-US Data Transfer Mechanism

US told to appoint a damn Privacy Shield ombudsperson already or EU will take action

The European Commission’s second annual review of the Privacy Shield agreement made similar noises to last year’s, concluding the deal does the trick but could be better. It said the US ensures an adequate level of protection for personal data transferred under the deal, and has made some improvements, but progress is slow and there is more work to do.

The US has been told once again to appoint a permanent ombudsperson to oversee the deal governing transatlantic data flows, but this time has been given a deadline.

Full article: US told to appoint a damn Privacy Shield ombudsperson already or EU will take action • The Register

EU-US Privacy Shield passes second annual review

Despite the lack of a permanent ombudsperson, the European Commission confirmed on Wednesday that the Privacy Shield had passed its second annual review.

The US government has been given until the end of February next year to appoint a permanent ombudsperson to handle data protection complaints from EU citizens.

Source: EU-US Privacy Shield passes second annual review

FTC Gives Final Approval to Settlements in Privacy Shield Cases

US Federal Trade Commission has given final approval to settlements with four companies over allegations that they falsely claimed certification under the EU-U.S. Privacy Shield framework, which establishes a process to allow companies to transfer consumer data from European Union countries to the United States in compliance with EU law.

As part of the proposed settlements with the FTC, all four companies are prohibited from misrepresenting the extent to which they participate in any privacy or data security program sponsored by the government or any self-regulatory or standard-setting organization, and must comply with FTC reporting requirements. In addition, VenPath and SmartStart must continue to apply the Privacy Shield protections to personal information they collected while participating in the program, protect it by another means authorized by the Privacy Shield framework, or return or delete the information within 10 days of the order.

Source: FTC Gives Final Approval to Settlements with Four Companies Related to EU-U.S. Privacy Shield | Federal Trade Commission

1 2 3 7
>