In July 2020, the Schrems II decision issued and the European Commission’s adequacy decision for the EU-US Privacy Shield Framework was invalidated. Further, and broader than the invalidation of Privacy Shield adequacy decision, the Schrems II judgement found that US surveillance measures interfered with what are considered “fundamental rights” under EU law, i.e., the rights
European Union
Can European Websites use Google Analytics and Similar Services Without Violating the GDPR?
It has been nearly a year and a half since the Schrems II decision issued in July 2020, which invalidated the European Commission’s adequacy decision for the EU-US Privacy Shield Framework. As a result, companies were forced to reexamine their transfers of personal information out of the EU, and the safeguards that they rely on…
EU Data Transfers Update: You Have a Lot of Weekend Reading To Do!
If you’re a company that has been scratching your head and racking your brain since the Schrems II decision issued on July 16, 2020, invalidating Privacy Shield and calling into question all data transfers between the EU and third countries on surveillance-related grounds, your wish for more guidance has finally come true.
This week, the…
Speed Dating in the UK? Negotiating New Data Protection Relationships with the EU
With all that has happened this year, most of us can’t wait until 2020 is in the rear view mirror. The end of 2020, however, marks the end of the transition period provided, post-Brexit, to allow time for UK businesses and organizations that rely on international data flows, target European customers or operate inside the…
Privacy Shield is Invalid. Time to Reconsider Cross-Border Data Transfers and Responses to US Surveillance Requests
Last week, on July 16, 2020, Europe’s top court invalidated the EU-US data flow arrangement called Privacy Shield. In a world with competing privacy regulations, many thousands of global businesses relied heavily Privacy Shield to conduct their business across EU-US borders (there are 5300+ current Privacy Shield participants, and the transatlantic economic relationship is valued…
Europe’s Excellence and Trust in AI
The European Commission recently presented strategies for data and Artificial Intelligence (AI) focusing on promoting excellence in AI and building trust. The Commission’s White Paper, “On Artificial Intelligence – A European approach to excellence and trust,” addresses the balance between the promotion of AI with regulation of its risks. “Given the major impact…
Taking A Stand (And Facebook)
The number of actions to enforce the European Union’s General Data Protection Regulation (GDPR) against a wide range of companies continues to rise. Germany, a country where privacy enjoys strong legal protection, is establishing itself as a favorite jurisdiction for enforcement of the GDPR. And, not surprisingly, Facebook is one of the companies in the…
GDPR Enforcement a Foreshadowing of 2020-2021 US Privacy and Cybersecurity Litigation?
ZDNet.com, relying on research by Forrester Research, recently reported that “GDPR enforcement is on fire!” This is likely a foreshadowing of the prevalence of US privacy enforcement proceedings in the near future. Indeed, it appears that if the FTC and AG offices are not able to keep up, plaintiffs in the United States are more…
Britain Cracks Down on Child Data Privacy
Last month, the UK Information Commissioner’s Office released a comprehensive Age Appropriate Design Code that seeks to protect children within the digital world.
The code sets out 15 flexible standards of age appropriate design for online services. These standards focus on providing “high privacy” default settings, transparency to children with regard to active location tracking…
If You Give a User a Cookie (Notice)
Since the GDPR went into effect in May 2018, there’s been a noticeable surge in the display of cookie consent notices (or cookie banners), with large variations in text, the choices presented to users, and even the position of the notice on the webpage.
But how are users actually interacting with these cookie banners, if…