Last week I was interviewed by Laurie Clarke about the future of EU-US data transfers and what the US needs to do to make a new agreement a reality. Read “After a year of limbo a EU-US data privacy agreement still hangs in the balance” published in Tech Monitor, part of the New Statesman Media ...
Today marks the first anniversary of the CJEU’s “Schrems II” ruling which invalidated the European Commission’s Privacy Shield adequacy decision concerning the transfer of data to the US. Despite an urgent need to reach a deal on transatlantic data flows for economic and geopolitical reasons, few if any concrete results have been seen to date. As stressed earlier this year by European Commissioner Didier Reynders and Věra Jourová, Vice President of ...
You might be aware that early last month US Congresswoman Suzan DelBene, Representing Washington's 1st District, introduced the Information Transparency and Personal Data Control Act – in her words “legislation that would create a national data privacy standard to protect our most personal information and bring our laws into the 21st Century.” Important aspects of the Information Transparency and Personal Data ...
I just attended today’s online LIBE meeting on possible solutions following the CJEU’s “Schrems II” decision, where it was recognized that the question of data transfers to third countries is fundamentally a geopolitical matter before being a legal one. In this way, legal certainty should be re-established as soon as possible – but such an achievement ...
After the official statements of the European Data Protection Board (EDPB) and several Supervisory Authorities (SAs), it is clear that at the moment there is no practical way for data to lawfully flow from the EU to the US. The reasoning in 5 steps: On 16 July 2020 the Court of Justice of the European Union (CJEU) invalidated the European ...
This blog is part of a multi-part series, “A new age of data transfers”, which will explore the practical implications of the Court of Justice of the European Union’s judgement in Case C-311/18 “Schrems II”. Following the invalidation of the Privacy Shield on 16 July 2020 by the Court of Justice of the European Union, the situation ...
In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...
On May 31st the Supreme Court of Ireland denied Facebook’s appeal to avoid referral of its recent case concerning the international transfer of personal data to the European Court of Justice. You most likely remember the case brought forth by privacy activist and lawyer Max Schrems which questions whether the methods used by technology companies, and ...
“The supervisory authorities should have the power to prohibit or suspend a data transfer or a set of transfers based on the standard contractual clauses in those exceptional cases where it is established that a transfer on contractual basis is likely to have a substantial adverse effect on the warranties and obligations providing adequate protection ...
The decision of the Austrian Supreme Court on 12 September 2016 to refer the class action suit brought against Facebook by Privacy advocate Max Schrems to the European Court of Justice will have widespread consequences for both companies and consumers in Europe. Class actions on privacy-related matters represent a game changer for both consumers and businesses ...
Top-tier European ICT, Privacy & Cybersecurity lawyer. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity (ECPC) within the Maastricht University Faculty of Law. Founding Partner of ICT Legal Consulting. Lead Auditor BS ISO/IEC 27001:2013.
Read more
CONNECT