On April 13, 2016, the body of European Data Protection Authorities (DPAs)—the “Article 29 Working Party” (WP29)—issued its opinion on the new EU-U.S. Privacy Shield. The WP29 acknowledged that progress has been made with the
WSGR Alert: EU Commission Publishes EU-U.S. Privacy Shield
On February 29, 2016, the European Commission unveiled the text of the EU-U.S. Privacy Shield. The Privacy Shield is designed to replace the invalidated EU-U.S. Safe Harbor Framework and to provide a new legal framework
Continue Reading WSGR Alert: EU Commission Publishes EU-U.S. Privacy Shield
EU Reaches Political Agreement on New Data Protection Regulation
On December 15, 2015, the European Parliament and the Council of the European Union reached a political agreement on the text of the EU General Data Protection Regulation (GDPR).1 This is a major step toward the official adoption of the GDPR, which is now expected in Spring 2016. The GDPR will have a significant impact on how EU and non-EU businesses can collect and process the personal data of EU individuals. This article discusses the key elements of the GDPR.
Continue Reading EU Reaches Political Agreement on New Data Protection Regulation
WSGR Alert: EU Data Protection Authorities Issue Statement Following Agreement on EU-U.S. Privacy Shield
On February 3, 2016, the body of European data protection regulators—the Article 29 Working Party (WP29)—issued a statement following the announcement of a political agreement regarding a new transatlantic data transfer scheme, the EU-U.S. Privacy
Continue Reading WSGR Alert: EU Data Protection Authorities Issue Statement Following Agreement on EU-U.S. Privacy Shield
WSGR Alert: EU and U.S. Reach a Political Agreement on Transatlantic Data Transfer Deal
On February 2, 2016, the European Commission announced that a political agreement on a new legal framework for data transfers has been reached between the European Union (EU) and the U.S. Today’s agreement introduces the
What’s Next for U.S.-EU Data Transfers? An Analysis of Recent Developments Following Schrems
On October 6, 2015, the Court of Justice of the European Union (CJEU) invalidated the U.S.-EU Safe Harbor framework as a legal basis for transferring personal data from the European Union to the U.S.1 The judgment was delivered in Schrems v. Data Protection Commissioner, a case in which Max Schrems, an Austrian student, complained to the Data Protection Authority (DPA) in Ireland about the transfer of his personal data by Facebook to its servers in the U.S.
The Schrems judgment is of major importance to the over 4,000 companies that relied on Safe Harbor to transfer personal data from the EU to the U.S. This article details the background of the case, analyzes its holdings and consequences, and summarizes the main developments that have occurred since the judgment was issued.
Continue Reading What’s Next for U.S.-EU Data Transfers? An Analysis of Recent Developments Following Schrems