Tag Archives: EU-U.S. Privacy Shield

UK Issues Regulations on Post-Brexit Data Protection Law

Two sets of regulations aimed at readying UK data protection law for a post-Brexit world have been promulgated in recent weeks.  These regulations, which were made pursuant to the EU (Withdrawal) Act 2018 (EUWA), will only come into force in most respects upon the UK’s withdrawal from the EU.  Broadly speaking, these regulations are intended … Continue Reading

European Data Protection Board Releases Report on the Privacy Shield

On January 24, the European Data Protection Board (“EDPB”) adopted a report (“Report”) regarding the second annual review of the EU-U.S. Privacy Shield (“Privacy Shield”).  In a press release accompanying the Report, the EDPB welcomed efforts by EU and U.S. authorities to implement the Privacy Shield,  including in particular the recent appointment of a permanent … Continue Reading

Privacy Shield Updates: Second Annual Review and Brexit Guidance

Earlier this week, the European Commission (“Commission”) published its Report on the second annual review of the EU-U.S. Privacy Shield (“Privacy Shield”) (the Report is accompanied by a Staff Working Document).  The Report concludes that the Privacy Shield “continues to ensure an adequate level of protection” for personal data transferred from the EU to the … Continue Reading

Information Commissioner’s Office Issues Guidance on UK Data Protection Law in the Event of a “No-Deal” Brexit

On December 13, 2018, the Information Commissioner’s Office (“ICO”) in the United Kingdom issued guidance on the state of UK data protection law should the country leave the European Union (“EU”) without having reached an agreement on the terms of its withdrawal.  Much of this latest guidance is consistent with the ICO’s earlier guidance on … Continue Reading

EU Commission Concludes Privacy Shield “Adequate” in first Annual Review

The European Commission has today published its Report on the first annual review of the EU-U.S. Privacy Shield (the Report is accompanied with a Staff Working Document, Infographic, and Q&A).  The Commission concludes that Privacy Shield continues to ensure an adequate level of protection for personal data transferred from the EU to Privacy Shield-certified companies … Continue Reading

CJEU: EU-Canada proposed agreement on the transfer of Passenger Name Record data does not conform to EU data protection law standards

By Dan Cooper and Rosie Klement On July 26, 2017, the Court of Justice of the EU (CJEU) published Opinion 1-15 (the “Opinion”) on the proposed agreement between the European Union and Canada on the transfer and processing of passenger name record (“PNR”) data (the “Agreement”).  The Agreement was signed in 2014, but the CJEU … Continue Reading

EU Data Protection Authorities Urge European Commission to Ensure Rigor in First Annual Privacy Shield Review

The Article 29 Working Party (“WP29”), a group consisting of representatives from each European data protection authority, the European Data Protection Supervisor, and the European Commission, yesterday issued a press release detailing its recommendations for the first Annual Joint Review of the EU-U.S. Privacy Shield (“Privacy Shield”), which will take place in September 2017.  Specifically, … Continue Reading

First Annual Privacy Shield Review Will Comprehensively Assess the Framework

The first annual review of the EU-U.S. Privacy Shield (“Privacy Shield”) is scheduled to occur in September 2017 in Washington, D.C.  The first review is particularly important for the nascent framework, as regulators in both the U.S. and the EU are expected to closely scrutinize the operation of the first year of the Privacy Shield, … Continue Reading

Privacy Shield Approaches 2,000 Participants; Review Scheduled for September

Nearly 2,000 organizations are now listed as self-certified to the EU-U.S. Privacy Shield on the Department of Commerce’s (“Commerce”) Privacy Shield website.  Given current developments on both sides of the Atlantic, there are likely to be significant Privacy Shield developments in the coming months. EU Justice Commissioner Věra Jourová recently concluded her visit to the … Continue Reading

European Commission Dismisses Privacy Shield Concerns Over Trump Executive Order

On January 25, 2017, President Trump signed a new Executive Order on Enhancing Public Safety in the Interior of the U.S.  Among other elements, the Executive Order directs U.S. government agencies to “ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy … Continue Reading

EU Commissioner Plans to Assess U.S. Privacy Shield Commitments

In an interview with Politico (link requires a subscription), EU Justice Commissioner Věra Jourová, one of the principal architects of the EU-U.S. Privacy Shield, indicated that she plans to visit the U.S. once the Trump Administration is in place to assess the state of the new administration’s commitment to the Privacy Shield.  In the interview, … Continue Reading

Challenge to EU-U.S. Privacy Shield Lands at EU Court

On September 16, 2016, Digital Rights Ireland (“DRI”), a digital rights advocacy group, lodged an action with the EU General Court for annulment of the European Commission’s Decision on the EU-U.S. Privacy Shield arrangement.  While the existence of the application has only recently become public knowledge, it was widely-expected that the Privacy Shield would face … Continue Reading

EU Data Protection Authorities Call For Further Clarifications on the EU-U.S. Privacy Shield and Raise Some Concerns

By Helena Marttila-Bridge Today, the Article 29 Data Protection Working Party (“Working Party”), a group consisting of representatives from the European data protection authorities, the European Data Protection Supervisor, and the European Commission, published its opinion on the EU-U.S. Privacy Shield draft adequacy decision (“Opinion”) (see here). The Opinion is accompanied by a second document, … Continue Reading

European Parliament Committee Debate on the EU-U.S. Privacy Shield

Yesterday, the European Parliament Committee on Civil Liberties, Justice and Home Affairs (“LIBE Committee”) held a public hearing on the EU-US Privacy Shield, see agenda here and a video of the hearing here. While European Parliament support is not strictly necessary for the approval of the Privacy Shield, it’s view certainly has political weight. The … Continue Reading

Advocacy Group Letter Opposes Privacy Shield

Yesterday, a group of twenty-seven privacy and civil liberties organizations sent a letter to EU officials opposing the EU-U.S. Privacy Shield, which was released last month and is currently being reviewed by the Article 29 Working Party in the EU.  According to the letter, the Privacy Shield “manifestly fails” to meet the standards set by … Continue Reading

Privacy Shield: Top Five Reasons It’s Tougher Than the Safe Harbor, Whether You Should Certify, and Next Steps

As noted in our post yesterday, the text of the EU-U.S. Privacy Shield, the upcoming trans-Atlantic data-transfer framework between the EU and U.S. to replace the invalidated U.S.-EU Safe Harbor, has been released by the U.S. Department of Commerce.  Commerce’s release coincided with the release of a draft adequacy decision by the European Commission. A … Continue Reading

EU-U.S. Privacy Shield Package Released

Today, the European Commission published the text of the new EU-U.S. Privacy Shield (see the Commission’s press release here), which consists of: a draft adequacy decision; the EU-U.S. Privacy Shield Framework Principles issued by the U.S. Department of Commerce; and the official representations and commitments contained in separate letters from: Secretary of Commerce Penny Pritzker … Continue Reading

EU DPA Enforcement Guidance Post-Schrems

Industry eagerly awaits further guidance from data protection authorities (“DPAs”) relating to the EU-U.S. Privacy Shield as well as on the validity (or otherwise) of other mechanisms for transfers to the U.S. such as standard contractual clauses (“SCCs”) and binding corporate rules (“BCRs”).  As we explained in recent posts (here and here), publication of an … Continue Reading

Commerce Releases Fact Sheet on the EU-U.S. Privacy Shield

As we reported yesterday, the United States and the European Commission have reached a political agreement on a new framework for transatlantic data flows, referred to as the EU-U.S. Privacy Shield.  The U.S. Department of Commerce (“Commerce”) released a fact sheet yesterday to coincide with the announcement of the agreement. The fact sheet includes a … Continue Reading

Article 29 Working Party Reacts to the U.S.-EU Privacy Shield Agreement

On February 3rd, the Article 29 Working Party, representing Europe’s data protection authorities, published its reaction to the announcement of a new “Privacy Shield” political agreement between the European Commission and the U.S. Government.  The Privacy Shield agreement, announced on February 2nd (and further described in our blog post here), is intended to replace the … Continue Reading

Agreement Reached on New EU-U.S. Safe Harbor: the EU-U.S. Privacy Shield

By Dan Cooper, Phil Bradley-Schmieg and Joseph Jones Today (February 2nd, 2016), the European Commission and U.S. Government reached political agreement on the new framework for transatlantic data flows.  The new framework – the EU-U.S. Privacy Shield – succeeds the EU-U.S. Safe Harbor framework (for more on the Court of Justice of the European Union … Continue Reading
LexBlog