On May 25, 2018, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of processing activities. Under Article 30 GDPR, companies will need to inventory all “processing activities under [their] responsibility” and memorialize them […]
Department of Commerce Announces First Privacy Shield Participants
Over the weekend, the Department of Commerce’s Privacy Shield website was updated to show the first participants in the U.S.-EU Privacy Shield. In total, about 45 companies have registered for Privacy Shield. Prominent examples include Microsoft Corp. (along with 20 subsidiaries), Salesforce, and corporate-travel giant World Travel, Inc. Companies with questions about Privacy Shield are […]
German DPAs Will Not Be Able to Challenge Privacy Shield this Year
Even before the ECJ’s Schrems decision invalidated Safe Harbor, the European Commission had begun working closely with US negotiators to craft what has become the U.S.-EU Privacy Shield. While EU privacy leaders have noted that Privacy Shield represents important improvements in data protection, some German DPAs have voiced a desire to challenge Privacy Shield in […]
EU Commission Publishes Long-Awaited Privacy Shield Citizen’s Guide
Just over two weeks ago, the European Commission formally adopted the US-EU Privacy Shield. As part of making Privacy Shield accessible to EU residents, the Commission has long planned to issue a “Citizen’s Guide” to the rights and remedies EU residents enjoy when data is transferred to certified Privacy Shield organizations. (A leader in the Commission’s Directorate-General […]
EU-US Privacy Shield – FAQs
Today, the European Commission (“EU Commission”) formally approved a new transatlantic framework for the transfer of personal data from Europe to the United States (“U.S.”) (the “Privacy Shield”). Under the EU Commission’s decision approving the new framework ( the “Adequacy Decision”), U.S. organizations participating in the Privacy Shield will be deemed to ensure an “adequate […]