In a joint press conference on March 25, 2022, U.S. President Joseph Biden and European Commission President Ursula von der Leyen announced an agreement “in principle” on a framework, called the Trans-Atlantic Data Privacy Framework (“Privacy Shield 2.0”), to replace the U.S.-EU Privacy Shield. The EU General Data Protection Regulation
Cross-border data transfers
Noteworthy Trends in Privacy and Data Security
Reports of sophisticated cyberattacks and ransomware threats dominated 2021 headlines, along with evolving state data privacy laws in the absence of comprehensive federal data protection regulation. Cross-border data transfers between the EU and US still lack a clear, streamlined mechanism while national authorities continue to negotiate an EU-US Privacy Shield…
European Union Parliament Makes Progress on Adopting Proposed EU Data Protection Regulation
On October 21, a key European parliamentary committee (the Committee on Civil Liberties, Justice and Home Affairs (“Committee”) approved an amended version of the draft EU Data Protection Regulation, paving the way for further negotiations with EU governmental bodies. The goal, according to a press release by the Committee, is…
EU Article 29 Working Party Clarifies Definitions of “Data Controller” and “Data Processor”
On February 16, 2010, the EU Article 29 Working Party published Opinion 1/2010, in which it clarified the definitions of “data controller” and “data processor” as those designations are used within the European Data Protection Directive. The Working Party’s opinion is welcome guidance, as such designations are often difficult to apply in practice, especially given the increasing complexity of globalization, organizational differentiation, and information and communication technologies.
…
European Commission Seeks to Balance Data Protection and Business Globalization with Updated Standard Contractual Clauses
The European Commission has updated its Standard Contractual Clauses which govern the transfer of personal data from data exporters within the European Union to data processors outside of the European Union.
…
A New Solution for Global Outsourcing? The EU Commission Considers New SCCs For Cross-Border Data Transfers
The European Commission is considering modifying the standard contractual clauses (hereafter “SCCs”) established on December 27, 2001 and used by data controllers to transfer personal data to data processors located outside the EU. The new SCCs may introduce more flexibility in processing services and better reflect new business practices.…