Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: safe harbor

Posted in Data Protection & Privacy Photo of Eduardo UstaranPhoto of Bret CohenPhoto of Katherine Gasztonyi

Details of Legal Challenge to Privacy Shield Revealed

Ever since the first draft of the EU-US Privacy Shield framework was published in early 2016, groups opposed to the idea have indicated their intent to challenge the legality of the framework under EU law. Recently, the privacy advocacy group Digital Rights Ireland (DRI) made good on that promise.  Following the filing of a formal complaint on 15 September asking for an annulment of the framework by the Court of Justice of the European Union (CJEU), DRI has now made public the details of its complaint. In the complaint, DRI

Posted in Data Protection & Privacy

Recording and Deck from Webinar: Privacy Shield: What You Need to Know

Thank you to everyone who tuned into our webinar “Privacy Shield: What You Need to Know.” In this complimentary webinar, Julie Brill, Tim Tobin, and Bret Cohen of Hogan Lovells’ Washington office, and Eduardo Ustaran of our London office explored: What do companies need to do to sign up to the Privacy Shield? How do companies demonstrate compliance with the Privacy Shield principles? What will it take to move from Safe Harbor to Privacy Shield? What are the pros and cons of Privacy Shield as compared to other EU cross-border

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

EU Data Transfers to the U.S.: Considering Your Options after Privacy Shield

With the recent approval of the EU-US Privacy Shield framework and the ability to start filing online registrations on 1 August, many companies have questions about the advantages and disadvantages of Privacy Shield as compared to other cross-border transfer mechanisms to cover trans-Atlantic data flows. To answer your questions, we publish here International Data Transfers – Considering your options, a high-level analysis of the EU cross-border transfer options for companies—including the EU Standard Contractual Clauses, Intra-Group Agreements and other ad-hoc contracts, Binding Corporate Rules, Privacy Shield, and Consent—and the pros

Posted in Data Protection & Privacy Photo of Julie BrillPhoto of Bret CohenPhoto of Eduardo UstaranPhoto of Harriet Pearson

Privacy Shield Receives Final Approval from European Commission—Some Initial Practical Advice

On 12 July 2016, the European Commission issued its much awaited “adequacy decision” concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S. This adequacy decision is based on the latest version of the Privacy Shield, which was further negotiated and revised following the Article 29 Working Party’s April 2016 concerns with the terms of the original Privacy Shield framework. Many of our clients have questions about Privacy Shield—what it is, when it will be available for use, and how it differs from

Posted in Data Protection & Privacy Photo of Julie Brill

Privacy Shield is the Right Replacement for Safe Harbour

Julie Brill, Hogan Lovells partner, and co-head of our global privacy and Cybersecurity practice, recently commented on the EU-US Privacy Shield for the EurActiv publication.  Her comments are republished here, with permission: The free flow of data is essential to an ever-growing segment of the global economy.  Yet some policymakers and advocates, citing privacy concerns, have called for shutting off the faucet and restricting data flow, to the detriment of European consumers and European businesses, both small and large. With cooler heads and a laser-like focus on the best interests of

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

Untying the Global Dataflows Mess

One of Harry Houdini’s most difficult tricks consisted of escaping from a nail-fastened and rope-bound wooden crate with manacles on his hands and feet, while submerged in New York’s East River. That feat is starting to look straightforward when compared to the prospect of lawfully exporting personal data out of the European Union. The restrictions on transfers of data to jurisdictions that do not provide an adequate level of protection have been in place for more than 20 years. And while these restrictions have not prevented the development of the

Posted in Data Protection & Privacy

Hogan Lovells Issues Legal Analysis of the EU-U.S. Privacy Shield

In a thorough legal analysis of the EU-U.S. Privacy Shield framework, a report from Hogan Lovells says the framework would stand up in the Court of Justice of the European Union (CJEU), and that the true level of data protection afforded by the Privacy Shield framework will only be demonstrated by its functioning and the practices of its participants. The report provides an objective view of the new framework concerning transatlantic dataflows and includes a rigorous assessment of the Privacy Shield based on European jurisprudence. The Hogan Lovells analysis finds

Posted in Data Protection & Privacy, TMT2020 Photo of Harriet PearsonPhoto of Eduardo UstaranPhoto of Bret CohenPhoto of Katherine Gasztonyi

TMT2020: Inside the New EU-U.S. Data Framework: A Practical Breakdown of the Privacy Shield

EDITOR’S NOTE:  We are excited to present this entry in our new TMT2020 series, which reflects the key technology, media, and telecoms legal issues that are expected to impact today’s organizations and tomorrow’s marketplace.  It also provides an opportunity to highlight contributions by TMT associates across our global offices and practice areas.  The February 29, 2016 announcement of the new EU-U.S. data transfer framework—the Privacy Shield—was accompanied by over 130 pages of documentation and significantly more operational details than its predecessor, Safe Harbor.  We have reviewed the Privacy Shield materials and

Posted in Data Protection & Privacy Photo of Eduardo UstaranPhoto of Harriet PearsonPhoto of Bret CohenPhoto of Katherine Gasztonyi

First Look: EU–U.S. Privacy Shield

On February 29, 2016, and after more than two years of negotiations with the U.S. Department of Commerce, the European Commission released its draft Decision on the adequacy of the new EU–U.S. Privacy Shield program, accompanied by new information on how the Program will work. The Privacy Shield documentation is significantly more detailed than that associated with its predecessor, the EU-U.S. Safe Harbor, as it describes more specifically the measures that organizations wishing to use the Privacy Shield must implement. Importantly, the Privacy Shield provides for additional transparency and processes

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

International Data Transfers – The Uncertainty Continues

Following the announcement by the European Commission of the newly agreed EU-US Privacy Shield, the missing piece of the jigsaw was the Article 29 Working Party’s stance on the adequacy of the existing mechanisms in place—in particular, standard contractual clauses and binding corporate rules (BCR).  So after two days of intense discussions, the Working Party has issued a statement with its latest position, which is the follow up to their original reaction to the invalidation of Safe Harbor last October.  The bottom line: the Working Party still does not view

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

A New Turn in the Safe Harbor Roller Coaster

The roller coaster of developments affecting the Safe Harbor framework shows no signs of slowing down. It has taken a couple of years since Edward Snowden’s revelations for the train to reach to its highest point, but once the European Court of Justice (ECJ) ruled on the Schrems case, we knew it would be a bumpy ride. In the past weeks, most of the attention has focused on the EU data protection authorities, which are now more emboldened than ever and keen to capitalize on the ECJ’s decision to tighten

Posted in Data Protection & Privacy Photo of Timothy TobinPhoto of Tim Wybitul

European Commission Issues Opinion on Safe Harbor after Schrems

On November 6, 2015, the European Commission issued its widely anticipated Communication to the European Parliament and Council about the effect of the Court of Justice of the European Union’s (CJEU) Schrems decision, which invalidated the U.S.-EU Safe Harbor framework.  The Commission expresses a commitment to negotiate with the U.S. Government a new framework for cross-border transfers of personal data.  The Commission also emphasizes that the Communication does not have binding legal effect, but concludes that:  

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

European Court Advocate General’s Opinion Threatens Safe Harbor

The Opinion of the Advocate General (AG) of the Court of Justice of the European Union (CJEU) on the case assessing the status and validity of Safe Harbor has created significant uncertainty relating to its immediate future. While the CJEU has not yet ruled, the AG’s decisions are typically quite influential. The AG’s view is that the Safe Harbor program does not provide an adequate level of data protection and that it should have already been invalidated by the European Commission. Safe Harbor was the end result of several years