Most privacy professionals are familiar with the European Court of Justice’s 2015 Schrems decision, which struck down the US-EU Safe Harbor mechanism. One lesser-discussed aspect of the ECJ’s decision related to the powers of Data Protection Authorities (DPAs) within the EU’s Member States. In the Schrems proceedings, the Irish Data Protection Commission argued that it […]
German DPAs to Survey Transfers in 500 Companies – with English Translation of DPA Questionnaire
Late last week, 10 of Germany’s 17 Data Protection Authorities (DPAs) announced they are planning to send written questionnaires to approximately 500 different companies regarding international data transfers. The following provides a brief overview of the situation, as well as an English translation of the questionnaire, for companies who are potentially affected. This summary refers […]
ECJ Declares IP Addresses are Personal Data
Today, the European Court of Justice (ECJ) issued its long-awaited decision in Breyer v. Germany. Breyer addresses the question of whether IP addresses are “personal data” for purposes of EU data protection law. As is widely known, personal data is any information that would permit a particular individual to be identified, whether directly or in […]
German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers
On June 7, 2016, the European Commission adopted the US-EU Privacy Shield. Companies that self-certify under Privacy Shield with the US Department of Commerce – dubbed “Privacy Shield organizations” – are thus officially recognized by the EU as providing an adequate level of protection for data transferred from the EU. As a result, Privacy Shield […]
Austrian Supreme Court Refers Schrems Consumer Class Action to ECJ
Just under a year ago today, the European Court of Justice (ECJ) issued its Schrems decision, which invalidated Safe Harbor and led to substantial developments in US-EU data-transfer mechanisms. In parallel to the ECJ Safe Harbor litigation, Mr. Schrems has maintained two further legal proceedings in the EU: (1) a challenge in the Irish courts […]