News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Neil Hodge2023-03-03T14:00:00
Since the most recent mechanism to ensure “safe” data transfers between the European Union and United States was rescinded, companies on both sides of the Atlantic have hoped a viable replacement would come into force quickly to provide the same level of legal assurance.
Fortunately, momentum is gathering toward a new standard.
The July 2020 ruling by the Court of Justice of the European Union (CJEU) to invalidate the Privacy Shield placed companies at increased risk of violating the EU’s General Data Protection Regulation (GDPR) when transferring data between the two regions. This is because U.S. surveillance laws allow excessive access to EU citizens’ personal data for national security reasons.
In the aftermath of the ruling, standard contractual clauses (SCCs) and binding corporate rules (BCRs) gained popularity as alternatives for enabling transatlantic data flows. But neither mechanism provides the cover of the Privacy Shield, meaning businesses have viewed a new agreement between the European Union and United States as necessary.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
2023-07-10T17:41:00Z By Kyle Brasseur
The European Commission announced it adopted a new agreement with the United States to allow for transatlantic data flows without fear of violating the European Union’s General Data Protection Regulation.
2023-05-04T20:21:00Z By Neil Hodge
Meta and other Big Tech firms will soon learn if they might be prevented from transferring the personal data of European citizens to the United States in the way they do now.
2022-12-14T16:50:00Z By Kyle Brasseur
The government office for national statistics in Portugal was assessed a fine of €4.3 million (U.S. $4.6 million) by the country’s data protection authority for multiple violations of the General Data Protection Regulation that occurred during its 2021 census work.
2024-06-24T21:02:00Z By Jeff Dale
Facial recognition company Clearview AI reached a preliminary settlement in a class action lawsuit alleging it violated the Illinois Biometric Privacy Act, with the company agreeing to compensate victims with stake in the company.
2024-05-02T14:57:00Z By Neil Hodge
The General Data Protection Regulation has been in force for nearly six years. Some industries—and some companies—have been more prone to fall foul of the rules than others.
2024-04-19T19:16:00Z By Neil Hodge
Big Tech firms might need to rethink their plans to charge users for not selling their personal data for behavioral advertising following a decision by Europe’s primary data regulator.
Site powered by Webvision Cloud