Search Results

You were looking for: schrems ii

EDPB issues guidance on data transfers following Schrems II

Following the recent judgment C-311/18 (Schrems II) by the Court of Justice of the European Union (CJEU), the European Data Protection Board (EDPB) published “Recommendations on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data” on November 11th. These measures are to be considered when assessing the […]

First judicial application of Schrems II in France

France’s highest administrative court (Conseil d’État) issued a summary judgment that rejected a request for the suspension of France’s centralized health data platform – Health Data Hub (HDH) – on October 13th, 2020. The Conseil d’État further recognized that there is a risk of U.S. intelligence services requesting the data and called for additional guarantees. […]

Advocate General’s opinion on “Schrems II” is delayed

The Court of Justice of the European Union (CJEU) Advocate General’s opinion in the case C-311/18 (‘Facebook Ireland and Schrems’) will be released on December 19, 2019. Originally, the CJEU announced that the opinion of the Advocate General in this case, Henrik Saugmandsgaard Øe, would be released on December 12, 2019. The CJEU did not provide […]

Regional Court of Vienna judges in Schrems against Facebook case

On June 30th, 2020, the Vienna Regional Court passed judgement in the case of Max Schrems against Facebook Ireland Limited, in the case number 3 Cg 52/14k-91 (in German). In the following, we will be presenting the case and the court’s judgement. Facts of the case In the years 2011, 2012, 2013, 2015 and 2019, […]

New EU SCC must be used as of now

In June 2021, the European Commission published the long-awaited new Standard Contractual Clauses (SCC) for the transfers of personal data to so-called third countries under the General Data Protection Regulation (GDPR) (please see our blog post). These new SCC modules replace the three 10-year-old SCC sets that were adopted under the EU Data Protection Directive […]

EU Commission publishes Draft Adequacy Decision for South Korea

On 16 June 2021, the European Commission published the draft adequacy decision for South Korea and transmitted it to the European Data Protection Board (EDPB) for consultation. Thus, the Commission launched the formal procedure towards the adoption of the adequacy decision. In 2017, the Commission announced to prioritise discussions on possible adequacy decisions with important […]

EDPB adopts final Recommendation 01/2020 on Supplementary Measures for Data Transfers to Third Countries

On June 21st, 2021 during its 50th plenary session, the European Data Protection Board (EDPB) adopted a final version of its recommendations on the supplementary measures for data transfers. In its recent judgment C-311/18 (Schrems II) the Court of Justice of the European Union (CJEU) has decided that, while the Standard Contractual Clauses (SCCs) are […]

New SCCs published by the EU Commission for international data transfers

On June 4th 2021, the EU Commission adopted new standard contractual clauses (SCC) for international data transfers. The SCCs are model contracts that can constitute a suitable guarantee under Art. 46 of the General Data Protection Regulation (GDPR) for the transfer of personal data to third countries. Third countries are those outside the EU/European Economic […]

EDPS investigating EU institutions’ use of US cloud services

The European Data Protection Supervisor (“EDPS”) announced on May 27th, 2021, that it has opened an investigation into the use of Microsoft’s Azure and Amazon’s AWS by EU institutions and has begun an audit of the European Commission’s use of Microsoft Office 365. The EDPS is the EU.s data protection authority. The EDPS is the […]

Portuguese DPA Orders Suspension of U.S. Data Transfers by National Institute of Statistics

On April 27, 2021, the Portuguese Data Protection Authority “Comissão Nacional de Proteção de Dados” (CNPD) ordered the National Institute of Statistics (INE) to suspend any international data transfers of personal data to the U.S., as well as other countries without an adequate level of protection, within 12 hours. The INE collects different kinds of […]

Pages: 1 2 3 Next
1 2 3