Category Archives: International

Subscribe to International RSS Feed

Does Your Company Meet Privacy Shield Protection Criteria?

As of August 1, the US-EU Privacy Shield is up and running. Companies transferring personal data (e.g., employee data, customer data, etc.) from the EU to the U.S. can now register with the U.S. Department of Commerce provided that they meet the requisite protection criteria. Registration under the Privacy Shield certifies that the transfer of the personal … Continue Reading

EU Regulators Allow One-Year Test of Privacy Shield

The long-awaited US-EU Privacy Shield—the successor to the US-EU Safe Harbor which was declared invalid—is set to kick in on August 1, 2016. (See our July 8 post for detail.) One of the reasons it took so long to put the Privacy Shield in place was the opposition it encountered from consumer groups and the data protection … Continue Reading

Data Breach Costs Rise to $4 Million Globally, $7 Million in the U.S.

According to the Ponemon Institute 2016 Cost of Data Breach Study (sponsored by IBM), the total cost a company should expect to spend in response to a data breach has once again increased both globally and in the United States. The average cost paid for each lost or stolen record containing sensitive and confidential information … Continue Reading

European Union Article 29 Working Party Responds to Privacy Shield

The European Union’s Article 29 Data Protection Working Party (WP29), put in place under a European Parliament directive to address personal information and its international movement, responded on April 13 to the Privacy Shield Data Transfer Agreement agreed upon by the United States and the European Commission earlier this year. The Privacy Shield was intended … Continue Reading

European Parliament Votes to Enact Data Protection Reforms

Four months after the European Parliament’s Civil Liberties, Justice and Home Affairs Committee (LIBE) signed off to move ahead with the new regulations in December of last year and six days after the Council of the European Union voted to adopt them on April 8, the European Parliament voted to approve the General Data Protection … Continue Reading

The “Right to Be Forgotten” Proves Ironic for Google, But Not Expensive

The French administrative body known as the Commission Nationale de l’Informatique et des Libertés (CNIL) (France’s Data Protection Authority) exercised its powers recently when it fined Google €100,000 on March 24th for, in CNIL’s words, “fail[ing] to comply with the obligation to respect the rights of individuals to erase data and to object.” This right … Continue Reading

Judicial Redress Act of 2015 Presented to the President

Less than a year following its introduction in Congress, the Judicial Redress Act of 2015 was presented to the President on February 12, 2016. According to House Judiciary Chairman Bob Goodlatte (R-VA) in his Statement released on September 17, 2015, the intent is that the Act will (1) address the concerns expressed by the European … Continue Reading

EU-US Privacy Shield Replaces Safe Harbor

The European Commission and the U.S. Department of Commerce have reached a last-minute deal on a new trans-Atlantic data sharing agreement. Initially coined as “Safe Harbor 2.0” this new agreement will instead be referred to as the “EU-US Privacy Shield.”  EU Justice Commissioner, Vera Jourová, addressed the new agreement at a press conference earlier today.  The … Continue Reading

EU Reaches Agreement on Data Privacy: What Does It Mean For Your Business?

You have probably already seen the headlines about the new EU data privacy regulation which will replace the current data privacy directive. No immediate action is required as it will not come into effect until 2018. Companies should, however, start planning for the changes by implementing serious data privacy policies and procedures as the new … Continue Reading

European Commission and Data Protection Authorities Issue Guidance

When the European Court of Justice invalidated the Safe Harbor Framework, companies were left scrambling to determine how best to conduct day-to-day business involving data transfers between the EU and the U.S. To remind us of our options, the European Commission released a communication setting out the alternative grounds upon which personal data may still … Continue Reading

EU-U.S. Safe Harbor Invalidity Gives Renewed Interest in U.S. Legislation

The recent holding of the European Court of Justice to invalidate the EU-U.S. Data Privacy Safe Harbor has given new impetus for Congress to pass the Judicial Redress Act sponsored by Sen. Orrin Hatch and Sen. Chris Murphy which would give EU citizens a cause of action in U.S. courts. What to do in the … Continue Reading

European Court of Justice Invalidates EU-U.S. Safe Harbor

On October 6, the European Court of Justice released an opinion that will have a significant effect on many companies which do business in the EU and transfer information to United States operations. In Schrems v. Data Protection Commissioner, the Court held that the EU-U.S. Safe Harbor Agreement does not preempt the data protection authorities … Continue Reading

EU-U.S. Data Protection Treaty Could Open U.S. Courts to EU Litigants

The U.S. and the EU recently concluded a treaty which will open the doors of U.S. courts to Europeans suing U.S. companies for data privacy violations. For a long time the Europeans have been skeptical about the protection of data privacy in the United States. The name “Snowden” still touches a sore spot with most … Continue Reading

EU’s new data protection law is likely to impact all companies doing business in Europe

Headlines have been popping up lately around Europe’s latest proposed rules to address data privacy. While the focus of the media seems to be mostly on how it’s bad news for big tech companies such as Google and Facebook—which will likely have even more complicated data privacy waters to navigate in Europe—there is likely a … Continue Reading

What direction companies must head with ‘right to be forgotten’ laws

When a European Union court said in May that individuals have the right to control their data and can request that search engines remove results linking to their information, legal practitioners around the world were surprised. This “right to be forgotten” seemed to take data privacy laws to an unprecedented level that even European lawyers … Continue Reading

Rules and regulations ‘across the pond’ that may force dramatic changes

Here’s the good news about European data-security laws: The European Union has had a consistent, centralized legal regime in place for nearly 20 years. The bad news: that may be about to change. The EU’s Data Protection Directive, in force since 1995, provides a comprehensive data-security framework for member nations. It sets up guiding principles … Continue Reading