On January 11, U.S. and Swiss authorities announced final agreement on the Swiss-U.S. Privacy Shield Framework. The Framework defines standards for handling personal data exported from Switzerland to the U.S. and enables U.S. companies to meet Swiss legal requirements to protect personal data transferred from Switzerland. The Framework is a successor to the former Swiss-U.S. […]
International
WP29 Issues Guidance on the Right to Data Portability under the GDPR
Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (“GDPR”). This is part two of a three-part Alston & Bird series evaluating WP29’s positions, and relates to the Right of Data Portability for data subjects and its obligations for data controllers. Part 1 deals […]
WP29 Releases Extensive Guidance on DPO Obligations; Companies Need to Start Planning Now
Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (GDPR). This is part one of a three-part Alston & Bird series evaluating WP29’s positions, and relates to Data Protection Officer obligations under the GDPR. Part 2 deals with the Right to […]
EU Releases Amendments to Model Clause and Country-Whitelisting Decisions – with Good News for Companies
Most privacy professionals are familiar with the European Court of Justice’s 2015 Schrems decision, which struck down the US-EU Safe Harbor mechanism. One lesser-discussed aspect of the ECJ’s decision related to the powers of Data Protection Authorities (DPAs) within the EU’s Member States. In the Schrems proceedings, the Irish Data Protection Commission argued that it […]
German DPAs to Survey Transfers in 500 Companies – with English Translation of DPA Questionnaire
Late last week, 10 of Germany’s 17 Data Protection Authorities (DPAs) announced they are planning to send written questionnaires to approximately 500 different companies regarding international data transfers. The following provides a brief overview of the situation, as well as an English translation of the questionnaire, for companies who are potentially affected. This summary refers […]