Tag archives: Binding Corporate Rules

EU-US Privacy Shield scrutinized in Article 29 Working Party initial response

Data Protection Report - Norton Rose Fulbright

On February 3, 2016, the Article 29 Working Party (WP29) released a statement on the consequences of the Schrems judgment, following an assessment of the legal framework and the practices of US intelligence services. The WP29 expressed continuing concerns about the US framework for processing personal data for intelligence purposes, in spite of recent reforms.… Continue Reading

German Data Protection Authorities Suspend BCR approvals, question Model Clause transfers

Data Protection Report - Norton Rose Fulbright

Following on from the EU Article 29 Working Party Statement of 16 October 2015, the Conference of the German Data Protection Authorities – (“DPAs”) has today issued guidance (referred to as a Position Paper) on the consequences of the CJEU decision in the Schrems case (Case C-362/14).… Continue Reading

CJEU decision in Schrems: what businesses should do next

Data Protection Report - Norton Rose Fulbright

This week, the Court of Justice of the European Union (“CJEU”) ruled that the EU-US Safe Harbor Decision is invalid in Case C-362/14 (the “Schrems” case).  This followed a similar opinion from its Advocate General, which also sets out the facts of the case.

The decision will impact businesses that rely on the EU-US Safe Harbor to legitimize their storage in, or access from, the US of personal data that is subject to EU data protection rules. It could affect cloud service providers, companies that use cloud services, intragroup shared services and any other export flows to the US … Continue Reading

Schrems: Commission holds press conference on ECJ ruling invalidating the Commission’s Safe Harbor Decision

Data Protection Report - Norton Rose Fulbright

As discussed in our post earlier, in today’s ruling on Case C-362/14 (the so-called “Schrems” case), the European Court of Justice (ECJ) invalidated the EU Commission’s “US Safe Harbor” decision with immediate effect. In the meantime, the EU Commission held a press conference discussing the impact of the judgement.… Continue Reading

Day-after-Safe Harbor action plan: anticipating ECJ Schrems decision

Data Protection Report - Norton Rose Fulbright

As we have written extensively, the European Court of Justice’s (ECJ’s) ruling in the Schrems case on October 6, 2015 may effectively invalidate the US-EU Safe Harbor framework. While we believe that the Advocate General’s rationale for the proposal is weak, organizations that rely on the Safe Harbor are anxious about the consequences such a decision could have on their operations, and want to make appropriate mitigation plans.… Continue Reading

Europe and US slated to agree on revised US-EU/US-Swiss Safe Harbor framework

Data Protection Report - Norton Rose Fulbright

It is being reported that the European Union and the United States are nearing an agreement on the revised US-EU/US-Swiss Safe Harbor framework. Thousands of US companies that have certified compliance with the Safe Harbor should be encouraged that the framework – which has been the subject of sustained criticism by European data protection regulators – will live another day. At the same time, certified organizations should prepare for enhanced requirements and a more robust enforcement climate that might come with the revised framework.… Continue Reading

LexBlog