International

Singapore Joins the APEC CBPR and PRP

March 7, 2018 By Maki DePalo

On March 6, Singapore announced that it has become the sixth country to participate in the Cross-Border Privacy Rules System (CBPR) as of February 20, 2018, joining the United States, Mexico, Canada, Japan and the Republic of Korea, and the second country to participate in the Privacy Recognition for Processors System (PRP) alongside the United […]

Supreme Court Hears Oral Argument in the Microsoft Ireland Case

March 6, 2018 By Privacy, Cyber & Data Strategy Team

On Tuesday, February 27th, the U.S. Supreme Court heard oral argument in United States v. Microsoft Corp. on whether a warrant issued under the Stored Communications Act (SCA) can compel the production of data stored outside the United States. Where Microsoft argues that the emails stored outside the United States also lie outside the reach […]

German DPAs Publish Model GDPR Processing Records – Translations Provided

February 26, 2018 By Daniel Felz

In just under 100 days, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of their processing activities. Under Article 30 GDPR, companies will need to inventory all “processing activities under [their] responsibility” and […]

ECJ Rules against Schrems Class Action, Sets Up Jurisdictional Questions for GDPR Class Actions

January 30, 2018 By Daniel Felz

In late 2015, the European Court of Justice (ECJ) issued its initial Schrems decision, invalidating the EU/US Safe Harbor and leading to important developments in the rules for transferring personal data from the EU to the US. Since that decision, Mr. Schrems has pursued two further legal proceedings in the EU. The first involves Mr. Schrems’ challenge in […]