Your search matched the following posts:

CJEU decision in Schrems: what businesses should do next

Data Protection Report - Norton Rose Fulbright

This week, the Court of Justice of the European Union (“CJEU”) ruled that the EU-US Safe Harbor Decision is invalid in Case C-362/14 (the “Schrems” case).  This followed a similar opinion from its Advocate General, which also sets out the facts of the case.

The decision will impact businesses that rely on the EU-US Safe Harbor to legitimize their storage in, or access from, the US of personal data that is subject to EU data protection rules. It could affect cloud service providers, companies that use cloud services, intragroup shared services and any other export flows to the US … Continue Reading

Schrems: Commission holds press conference on ECJ ruling invalidating the Commission’s Safe Harbor Decision

Data Protection Report - Norton Rose Fulbright

As discussed in our post earlier, in today’s ruling on Case C-362/14 (the so-called “Schrems” case), the European Court of Justice (ECJ) invalidated the EU Commission’s “US Safe Harbor” decision with immediate effect. In the meantime, the EU Commission held a press conference discussing the impact of the judgement.… Continue Reading

Day-after-Safe Harbor action plan: anticipating ECJ Schrems decision

Data Protection Report - Norton Rose Fulbright

As we have written extensively, the European Court of Justice’s (ECJ’s) ruling in the Schrems case on October 6, 2015 may effectively invalidate the US-EU Safe Harbor framework. While we believe that the Advocate General’s rationale for the proposal is weak, organizations that rely on the Safe Harbor are anxious about the consequences such a decision could have on their operations, and want to make appropriate mitigation plans.… Continue Reading

Schrems Counterpoint: ECJ has good reasons to reject Safe Harbor invalidation

Data Protection Report - Norton Rose Fulbright

The European Court of Justice (ECJ) is expected to rule on Case C-362/14 (the “Schrems” case) on October 6, 2015.  In deciding whether to reject or adopt its Advocate General’s recommendation to invalidate the US-EU Safe Harbor, the ECJ finds itself between the proverbial rock and a hard place. Rejecting the Safe Harbor would lead to uncertainty in the ongoing negotiations to update the Safe Harbor framework, and raise questions about the interpretation of the proposed General Data Protection Regulation, which is currently being finalized in trialogue negotiations among the EU’s Council, Parliament and Commission.  If the … Continue Reading

European Court of Justice Advocate General’s Advisory Opinion in Schrems case questions validity of personal data transfers under EU/US Safe Harbor framework

Data Protection Report - Norton Rose Fulbright

On September 22, 2015,  the European Court of Justice (“ECJ”) Advocate General issued an advisory Opinion in Case C-362/14 (the “Schrems” case). A key recommendation was for the ECJ to declare the EU/US Safe Harbor Agreement invalid. It remains to be seen whether the ECJ will follow this recommendation. The controversial nature of the Safe Harbor recommendation makes predicting whether the ECJ will follow the Opinion virtually impossible. A possible mitigation of the massive impact on trans-Atlantic trade such a finding would have may be that any invalidity that the ECJ identifies in its ultimate decision is met … Continue Reading

EU data governance regulation – A wave of digital, regulatory and antitrust reform begins – Part Three

Norton Rose Fulbright - Data Protection Report blog

On 25 November 2020, the European Commission (EC) published its proposed Data Governance Regulation (the DGR), which will create a new legal framework to encourage the development of a European single market for data.

This is part three of a series of three blog posts.  In this blog post, we consider the DGR’s relationship to competition law rules.

The DGR’s relationship to competition law rules

The DGR specifies that:

  • It does not affect the application of EU competition rules – in particular rules on the exchange of competitively sensitive information between actual or potential competitors through data
Continue Reading

An “enhanced” Privacy Shield is being negotiated – third time a charm?

On 10 August, the European Commission and the US Department of Commerce confirmed that talks have begun between the EU and US for an “enhanced” Privacy Shield.

This will be the third attempt to revise this framework, following the invalidation of Safe Harbor in 2015 and Privacy Shield in July 2020. Third time a charm? We’re not so sure.

By way of recap, in Schrems II, the court made clear that Privacy Shield was invalid for three main reasons:

  1. US surveillance rules are disproportionate
  2. There is a lack of proper oversight over US surveillance programmes
  3. EU individuals do not
Continue Reading
LexBlog