Photo of Laura Somaini

Laura Somaini

Laura Somaini is an associate in the Data Privacy and Cybersecurity Practice Group.

Laura advises clients on EU data protection, e-privacy and technology law, including on Italian requirements. She regularly assists clients in relation to GDPR compliance, international data transfers, direct marketing rules as well as data protection contracts and policies.

On December 13, 2022, the European Commission released its draft adequacy decision on the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), which, once formally adopted, would recognize that the United States ensures an adequate level of protection for personal data transferred from the EU to organizations certified under the EU-U.S. DPF.  The draft decision follows the issuance of Executive Order 14086 on Enhancing Safeguards for U.S. Signals Intelligence Activities (“EO 14086”) by President Biden on October 7, 2022 (see our previous blog post here), and the political agreement reached between the EU and the U.S. in March 2022 (see our previous blog post here).

As many had expected, the draft adequacy decision assesses the limitations and safeguards relating to the collection and subsequent use of personal data transferred to controllers and processors in the United States by U.S. public authorities.  In particular, the draft decision assesses whether the conditions under which the U.S. government may access data transferred to the United States fulfill the “essential equivalence” test pursuant to Article 45(1) of the GDPR, as interpreted by the Court of Justice of the European Union (“CJEU”) in Schrems II (see our previous blog post here). 

Continue Reading European Commission Releases Draft Adequacy Decision on the EU-U.S. Data Privacy Framework

On October 13, 2022, the European Data Protection Supervisor (“EDPS”) released its Opinion 20/2022 on a Recommendation issued by the European Commission in August 2022 calling for a Council Decision authorising the opening of negotiations on behalf of the European Union for a Council of Europe convention on artificial intelligence, human rights, democracy and the

On October 7, 2022, President Biden signed an Executive Order directing the steps that the United States will take to implement its commitments under the new EU-U.S. Data Privacy Framework.  The framework was announced by the U.S. and the EU Commission in March 2022, after reaching a political agreement in principle (see our blog post

On April 23, 2022, the European Parliament and Council of the EU announced that they reached a provisional political agreement on the Digital Services Act (“DSA”) during their final trilogue meeting.  The news comes roughly one month after the provisional political agreement on the Digital Markets Act (“DMA”).

Both acts are part of the European