
Providing Clarity

In An Area Of Increasing Complexity


Data processing and storage are increasingly a global undertaking. Data collected from an individual in one jurisdiction is often processed and stored in another. This global reality presents considerable challenges and complexity in the context of privacy and related regulatory regimes. For example, in the EU, EEA, and UK, the GDPR provides some of the most robust protections with respect to privacy. In contrast, the United States provides less strict protections as things stand.

Moreover, after the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield in the Schrems II decision, an already opaque area of the law became even more challenging. While the Data Privacy Framework (DPF) adequacy decision brings welcome clarity, regulatory guidance on cross-border data transfers is in flux, and the global regulatory regimes are incredibly dynamic. To illustrate, in August 2024, the Dutch Data Protection Authority (DPA) fined Uber €290 million over transfers of "sensitive" driver data from the European Union to the United States that were deemed not in compliance with the law.

At RICHT, we counsel clients on various matters relating to such transfers, including Standard Contractual Clauses (SCCs), Data Privacy Framework (DPF) certification and compliance, supplementary technical measures, and other data transfer agreements (DTAs).


Find Out How We Can Help You Navigate Cross-Border Data Transfers While Avoiding Legal Risk



    Privacy & Cybersecurity Practice Insights


     


    Cross Border Data Transfer News


     

    Hacker News

    Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.

    The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply with European Union (E.U.) data protection standards when sending sensitive driver data to the U.S.

    Data Transfers
    IAPP

    European Commission adopts EU-US adequacy decision

    The European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework, concluding it ensures U.S. protection of personal data transferred between the countries is comparable to that offered in the EU.

    Data Transfer
    GDPR
    The New York Times

    Meta Fined $1.3 Billion for Violating E.U. Data Privacy Rules

    The Facebook owner said it would appeal an order to stop sending data about European Union users to the United States.

    Data Transfer
    GDPR
    IAPP

    Text comparison of principles for commercial transfers: From Privacy Shield to DPF

    The version incorporated into the draft European Commission adequacy decision, released December 13, 2022, is an update to similar principles included in the predecessor arrangement, the EU-U.S. Privacy Shield Framework. To aid Privacy Shield businesses in assessing any changes between the Privacy Shield principles and DPF principles, IAPP created a redlined version of the document.

    Data Transfer
    GDPR
    The White House

    FACT SHEET: President Biden Signs Executive Order to Implement the European Union-U.S. Data Privacy Framework

    President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (E.O.) directing the steps that the United States will take to implement the U.S. commitments under the European Union-U.S. Data Privacy Framework.

    Data Transfer
    SCCs
    GDPR
    UK
    IAPP

    Austrian DPA’s Google Analytics Decision Could Have 'Far-Reaching Implications'

    The recent decision by the Austrian Data Protection Authority that the use of Google Analytics violates the EU General Data Protection Regulation could have “far-reaching implications.”

    Data Transfer
    SCCs
    GDPR
    UK
    Sidley Austin

    European Commission Adopts UK Adequacy Decisions Allowing Personal Data to Freely Flow from the EU to the UK

    On 28 June 2021, the European Commission announced that it has adopted two adequacy decisions for the UK, one under the General Data Protection Regulation (GDPR) and one under the Data Protection Directive with Respect to Law Enforcement (Law Enforcement Directive) (Adequacy Decisions).

    Data Transfer
    GDPR
    UK
    IAPP

    Top-10 Do’s and Don’ts for Service Providers Implementing the New SCCs with EU Customers

    The European Commission recently issued its decision approving revised standard contractual clauses for data transfers to third countries in the Official Journal. The new SCCs are a mechanism companies can use to address the restriction under Article 44 in the EU General Data Protection Regulation on the cross-border transfer of personal data to third countries. Here are a few recommendations service providers should consider when implementing the new SCCs with their EU customers.

    Data Transfer
    GDPR
    EU
    SCCs