The European Court of Justice handed down its Schrems decision invalidating the Safe Harbor mechanism on October 6, 2015. Since then, companies have been looking to the Data Protection Authorities (DPAs) of EU member states to see how the decision would be interpreted and enforced. As many companies know, Germany is a multifaceted data-protection landscape. […]
Cross-border
European Commission Releases Communication on Schrems and Safe Harbor 2.0
On November 6, 2015, the European Commission released a widely-anticipated Communication assessing the impact of the judgment of the European Court of Justice (“ECJ”) in the Schrems case (C-362/14), which invalidated the U.S.-EU Safe Harbor framework. Though the Communication is not legally binding, it provides useful guidance to companies on transfers of personal data to the […]
Article 29 Working Party Calls for Political Action
In a concise statement, the Article 29 Working Party (WP29), a consortium of European Data Protection Authorities (DPAs), released a position paper today about the landmark ruling of the European Court of Justice in Maximilian Schrems v. Data Protection Commissioner (C-362-14). WP29 makes a political call on the EU Member States to finalize discussions with […]
A Discussion with FTC Commissioner Julie Brill: The Future of Trans-Atlantic Privacy
On October 20, Alston & Bird will host a panel discussion with FTC Commissioner Julie Brill. The event will be broadcast as a webinar. Commissioner Brill will discuss the future of U.S. – European privacy with Senior Counsel Peter Swire. The discussion will be moderated by Partner Jim Harvey. This timely discussion with Commissioner Brill […]
David Keating Quoted on Law360 about Data Transfer Issues After Safe Harbor is Invalidated
David Keating, partner and co-leader of the firm’s Privacy & Data Security practice, was quoted on Law360 regarding the practical impact on companies of the decision of the European Court of Justice (ECJ) invalidating the EU-U.S. Safe Harbor program for transfers of personal data. The ECJ decision requires companies to evaluate the mechanisms they and their vendors use to move data out […]