Introduction:
On 22 May, the Irish Data Protection Commissioner (the DPC) published its decision against Meta Platform Ireland Ltd (Meta Ireland) in relation to Facebook’s transfer of user’s personal data to the US (the Decision). In
Data protection legal insight at the speed of technology
Introduction:
On 22 May, the Irish Data Protection Commissioner (the DPC) published its decision against Meta Platform Ireland Ltd (Meta Ireland) in relation to Facebook’s transfer of user’s personal data to the US (the Decision). In…
Max Schrems’ privacy NGO, noyb, has sent hundreds of draft complaints to companies across Europe that it claims use unlawful cookie banners along with a guide of how to comply. noyb is giving these companies one month to make…
Following the CJEU’s Schrems II ruling (case C-311/18 of July 16, 2020), transfers of personal data to the US are coming under close scrutiny by the German data protection authorities. Some German data protection authorities have announced that they will…
On 12 November, the European Commission published revised Standard Contractual Clauses (SCCs) and a draft implementing decision. A feedback period on the draft documents will run until 10 December. Therefore, it is not possible to give a precise date…
On 6 October 2020, the Court of Justice of the European Union (CJEU) published two decisions that further define the permitted scope of governmental access to personal data.
These decisions are relevant in two key areas:
…
Eureka! After burning the midnight oil, we’ve built an automated scanner to identify and sort the Schrems II risk of data flows for further legal handling. The scanner uses more than 20 different data points derived from network metadata to…
In the immediate aftermath of the Schrems II judgement, Bruno Gencarelli (Head of the International data flows and protection unit at the European Commission) said that “Schrems II is data transfers from theory to practice”. There have been several…
On 16 July 2020, the Court of Justice of the European Union (CJEU) published its decision in the landmark case Data Protection Commissioner v Facebook Ireland Ltd, Maximilian Schrems and intervening parties, Case C-311/18 (known as the Schrems …
Schrems II calls into question all transfers of personal information out of the EU that involve export to a country without an adequacy finding. While this affects countries in every region of the world, it does have particular ramifications for…
The Court of Justice of the European Union (CJEU) has today published its decision in the landmark case, known as Schrems II. While Privacy Shield has been completely invalidated, the Standard Contractual Clauses (SCCs) remain valid, but…