After the Court of Justice of the European Union declared the EU-U.S. Safe Harbor Framework invalid in October 2015, multinational companies with employees in the EU are facing the question how to legally transfer personal data. Current developments in the process of the proposed EU-U.S. Privacy Shield result in further uncertainty for companies relying on transatlantic data flows.
Employee Data Protection in the EU is subject to major changes, notable to multinational companies with employees in the EU.
A few days ago, after 4 years of negotiation, the European Parliament adopted the General Data Protection Regulation (“GDPR”). As it is planned to be effective in 2018, companies should be aware that they only have two years from now to prepare for compliance.