Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
On July 10, 2023, the European Commission formally approved the EU-U.S. Data Privacy Framework (DPF) by adopting an "adequacy decision." Adequacy decisions are one of the legal mechanisms under the EU's General Data Protection Regulation (GDPR) for transferring personal data from the EU to third countries which, in the eyes of the European Commission, offer sufficient privacy and data protection. The DPF adequacy decision recognizes that, although the United States has a different approach to data protection than the EU, personal data transferred to the U.S. under the DPF is considered to be adequately protected in line with the GDPR's rules on international data transfers. The European Commission takes the position that personal data can flow freely and safely from the EU to U.S. companies that are participating in the new Framework.
Transfers of personal data from the EU to the U.S. have generated much controversy over the past few years. In 2020, the Court of Justice of the EU invalidated the DPF's predecessor, the EU-U.S. Privacy Shield, following a complaint by Austrian privacy activist Maximilian Schrems and his nonprofit organization NOYB — European Center for Digital Rights (known as the Schrems II case). In the Schrems II case, questions were raised about how personal data of EU users of social network Facebook was available to U.S. authorities (e.g., the National Security Agency) in a manner that was considered incompatible with the EU Charter of Fundamental Rights. The Court of Justice was particularly concerned that U.S. intelligence agencies could access personal data from EU individuals beyond what is necessary and proportionate and that there was no independent and impartial redress mechanism to handle complaints from EU individuals.
In the wake of the Schrems II case, the European Commission and the U.S. government engaged in intense negotiations to set up a new and enhanced EU-U.S. data transfer structure — the DPF — that addresses the concerns of the Court of Justice. In support of this initiative, U.S. President Joe Biden signed an Executive Order that aims to provide additional protections for EU individuals whose personal data is transferred to the U.S., including:
|Following a lengthy assessment, the European Commission ultimately found that the additional data access limitations, safeguards and redress possibilities that the United States has committed to implement in the context of the new Framework suffice to ensure an adequate level of protection for personal data transferred from the EU to companies participating in the DPF.
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
In June 2024, the First Department decided Huguenot LLC v. Megalith Capital Group Fund I, L.P., which resolved a question of liability for a group of condominium apartment buyers and in so doing, touched on a wide range of issues about how contracts can obligate purchasers of real property.
With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
Latham & Watkins helped the largest U.S. commercial real estate research company prevail in a breach-of-contract dispute in District of Columbia federal court.
Practical strategies to explore doing business with friends and social contacts in a way that respects relationships and maximizes opportunities.