On July 29, 2016, the Southern District of New York, in Meyer v. Kalanick, refused to enforce mandatory arbitration and jury waiver provisions against a putative class of Uber consumers. In a lengthy and strongly worded decision by Judge Rakoff, the Court held that consumers had not received sufficient notice of, and did not assent to, the online terms of service that contained the arbitration and waiver clauses at issue.
Every company that seeks to implement contractual commitments through online terms and policies should pay close attention to this decision. While not binding in other jurisdictions outside the SDNY, Meyer reflects a growing trend of more exacting judicial scrutiny on the enforceability of online agreements across the country, and represents an important development in a rapidly developing area of the law.
As of, August 1st, 2016, U.S. companies can now join the Safe Harbor successor EU-U.S. Privacy Shield (the “Privacy Shield”) for personal data transfers from the EU to the U.S.
This post gives a high level summary of what companies should consider with the Privacy Shield.
On July 12, 2016, the European Commission (the “Commission”) formally adopted the adequacy decision necessary to implement the Privacy Shield. This means that transfers of personal data from the EU to the U.S. that are made pursuant to the Privacy Shield’s requirements are lawful under EU law. The Privacy Shield replaces the EU-U.S. Safe Harbor Framework, which was invalidated by the Court of Justice of the European Union (“CJEU”) on October 6, 2015.