GDPR

Privacy Shield Sunk – SCCs Treading Water: What Can Companies Do to Keep Their Head Above Water

Today the European Court of Justice (CJEU) published its highly anticipated judgement in the case of Data Protection Commissioner Ireland v Facebook Ireland Limited, Maximillian Schrems, colloquially known as “Schrems 2.0”. There were three key elements to the decision: READ MORE

Schrems 2.0 – The Next Big Blow for EU-US Data Flows? – What to Expect on Thursday, July 16th

Whatever the outcome of Schrems 2.0, the key takeaway is, don’t panic.

Tomorrow, July 16, 2020, the European Court of Justice (CJEU) is expected to rule in the case of Data Protection Commissioner Ireland v Facebook Ireland Limited, Maximillian Schrems, colloquially known as “Schrems 2.0”.

The main ingredients haven’t changed much for this long-awaited sequel to the decision that invalidated the Safe Harbor regime in 2015: Austrian data protection activist Max Schrems, Facebook Ireland, Ltd, and another commonly used international personal data transfer mechanism on the chopping block for invalidation.

This time around the court is considering the validity of the Standard Contractual Clauses (SCC) adopted by the European Commission, which goes beyond EU-U.S. transfers and could affect most agreements governing data sharing between the EU and the rest of the world. Regardless of the outcome, tomorrow’s decision is going to have a profound impact on the way international data transfers are treated for years to come – but the key takeaway is not to panic. In this blog post, we have set out the three potential rulings open to the CJEU and what steps you can take to following such a ruling. READ MORE

Orrick Establishes Automated GDPR Readiness Assessment Tool

 

On September 6, 2017, Orrick announced the launch of its innovative online automated GDPR Readiness Assessment Tool. The tool helps organizations assess their state of readiness with the EU’s new General Data Protection Regulation (GDPR) that comes into effect on 25 May 2018. The tool segments the GDPR into 14 workable themes and takes users through a series of questions relating to each theme. READ MORE

Recent Changes to EU Employee Data Protection – Two Years to Comply with New Requirements

Employee Data Protection in the EU is subject to major changes, notable to multinational companies with employees in the EU.

A few days ago, after 4 years of negotiation, the European Parliament adopted the General Data Protection Regulation (“GDPR”). As it is planned to be effective in 2018, companies should be aware that they only have two years from now to prepare for compliance.

READ MORE