Alston & Bird Privacy, Cyber & Data Strategy Blog

European Privacy & Cybersecurity

The GDPR Reaches the US Supreme Court in Cert Petition

By

The EU’s General Data Protection Regulation (GDPR) has been raised in a petition for certiorari before the US Supreme Court, apparently for the first time since the GDPR entered into application in 2018.  A party in Vesuvius USA Corp. v. Phillips has filed a petition for certiorari in a GDPR-related discovery dispute.  Of course, since […]

The EDPB-EDPS Joint Opinion on Data Processing Standard Contractual Clauses: Key Takeaways

By

When a controller engages a processor, the GDPR requires that the parties enter into a specific contract that contains certain mandatory provisions. This contract is often referred to as a ‘data processing agreement’ or ‘DPA’. To facilitate compliance with this requirement, the GDPR has provided the European Commission with the power to issue standard contractual […]

Brexit Trade Agreement Provides a Temporary Solution for Companies Transferring Personal Data from the EEA to the UK

By and

On December 24, 2020, the EU and the UK reached an agreement on the terms of their future cooperation following the end of the Brexit Transition Period (i.e., following 31 December 2020). The EU-UK Trade and Cooperation Agreement (the ‘Agreement’) contains a temporary solution for companies transferring personal data from the EEA to the UK, […]

UK ICO Publishes New Data Sharing Code

By and

On December 17, 2020, the UK Information Commissioner’s Office (‘ICO’) published its Data Sharing Code of Practice (the ‘Code’) following a public consultation which commenced in 2019. The Code focuses mainly on data sharing among data controllers who are subject to the GDPR and the UK Data Protection Act (‘DPA’) 2018. Data controllers falling within […]

U.S. Department of Commerce Releases White Paper to Assist Organizations in Conducting Schrems II Assessments

By

In a letter from Deputy Assistant Secretary James Sullivan, the U.S. Department of Commerce introduced a white paper, “Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II,” to assist organizations in conducting independent analyses of data transfers in light of the July 16, 2020 […]