fbpx

Providing Clarity

In An Area Of Increasing Complexity


 

Data processing and storage are increasingly a global undertaking. Data collected from an individual in one jurisdiction is often processed and stored in another. This global reality presents considerable challenges and complexity in the context of privacy and related regulatory regimes. For example, in the EU, EEA, and UK, the GDPR provides some of the most robust protections when it comes to privacy. In contrast, the United States provides less strict protections as things stand.

Moreover, after the invalidation of the Privacy Shield by the Court of Justice of the European Union (CJEU) in the Schrems II decision, what was an already opaque area of the law became even more challenging. When it comes to cross-border data transfers, regulatory guidance is in flux, and the global regulatory regimes are incredibly dynamic. At RICHT, we counsel clients on various matters relating to such transfers, including Standard Contractual Clauses (SCCs) promulgated by the European Commission and supplementary technical measures and other data transfer agreements (DTAs), among a variety of other issues. 


Find Out About How We Can Help You With Navigating Cross Border Data Transfers While Avoiding Legal Risk




    Privacy & Cybersecurity Practice Insights


     


    Cross Border Data Transfer News


     

    IAPP

    Text comparison of principles for commercial transfers: From Privacy Shield to DPF

    The version incorporated into the draft European Commission adequacy decision, released December 13, 2022, is an update to similar principles included in the predecessor arrangement, the EU-U.S. Privacy Shield Framework. To aid Privacy Shield businesses in assessing any changes between the Privacy Shield principles and DPF principles, IAPP created a redlined version of the document.

    Data Transfer
    GDPR
    The White House

    FACT SHEET: President Biden Signs Executive Order to Implement the European Union-U.S. Data Privacy Framework

    President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (E.O.) directing the steps that the United States will take to implement the U.S. commitments under the European Union-U.S. Data Privacy Framework.

    Data Transfer
    SCCs
    GDPR
    UK
    IAPP

    Austrian DPA’s Google Analytics Decision Could Have 'Far-Reaching Implications'

    The recent decision by the Austrian Data Protection Authority that the use of Google Analytics violates the EU General Data Protection Regulation could have “far-reaching implications."

    Data Transfer
    SCCs
    GDPR
    UK
    Sidley Austin

    European Commission Adopts UK Adequacy Decisions Allowing Personal Data to Freely Flow from the EU to the UK

    On 28 June 2021, the European Commission announced that it has adopted two adequacy decisions for the UK, one under the General Data Protection Regulation (GDPR) and one under the Data Protection Directive with Respect to Law Enforcement (Law Enforcement Directive) (Adequacy Decisions).

    Data Transfer
    GDPR
    UK
    IAPP

    Top-10 Do’s and Don’ts for Service Providers Implementing the New SCCs with EU Customers

    The European Commission recently issued its decision approving revised standard contractual clauses for data transfers to third countries in the Official Journal. The new SCCs are a mechanism companies can use to address the restriction under Article 44 in the EU General Data Protection Regulation on the cross-border transfer of personal data to third countries. Here are a few recommendations service providers should consider when implementing the new SCCs with their EU customers.

    Data Transfer
    GDPR
    EU
    SCCs