In July 2020, the Schrems II decision issued and the European Commission’s adequacy decision for the EU-US Privacy Shield Framework was invalidated.  Further, and broader than the invalidation of Privacy Shield adequacy decision, the Schrems II judgement found that US surveillance measures interfered with what are considered “fundamental rights” under EU law, i.e., the rights

It has been nearly a year and a half since the Schrems II decision issued in July 2020, which invalidated the European Commission’s adequacy decision for the EU-US Privacy Shield Framework.  As a result, companies were forced to reexamine their transfers of personal information out of the EU, and the safeguards that they rely on

If you’re a company that has been scratching your head and racking your brain since the Schrems II decision issued on July 16, 2020, invalidating Privacy Shield and calling into question all data transfers between the EU and third countries on surveillance-related grounds, your wish for more guidance has finally come true.

This week, the

Last week, on July 16, 2020, Europe’s top court invalidated the EU-US data flow arrangement called Privacy Shield.  In a world with competing privacy regulations, many thousands of global businesses relied heavily Privacy Shield to conduct their business across EU-US borders (there are 5300+ current Privacy Shield participants, and the transatlantic economic relationship is valued

Just last year the public was scrutinizing Big Tech for its collection and use of extraordinary amounts of data about people’s activities, from real-world location tracking to virtual lingering and clicks.  This scrutiny led to the landmark California Consumer Privacy Act, among other general privacy and data protection laws around the world. Will Big Tech

The number of actions to enforce the European Union’s General Data Protection Regulation (GDPR) against a wide range of companies continues to rise.  Germany, a country where privacy enjoys strong legal protection, is establishing itself as a favorite jurisdiction for enforcement of the GDPR.  And, not surprisingly, Facebook is one of the companies in the

ZDNet.com, relying on research by Forrester Research, recently reported that “GDPR enforcement is on fire!”  This is likely a foreshadowing of the prevalence of US privacy enforcement proceedings in the near future.  Indeed, it appears that if the FTC and AG offices are not able to keep up, plaintiffs in the United States are more