IAPP-GDPR Web Banners-300x250-FINAL

(Feb 5, 2016) In a statement posted to the U.K. Parliament website yesterday by Baroness Neville-Rolfe, the U.K. government has made it known that it will not choose to opt-in to Article 43a of the proposed General Data Protection Regulation. House of Lords member Neville-Rolfe is Parliamentary Under-Secretary for Department of Culture, Media and Sport, the department that now houses the Information Commissioner’s Office.  Article 43a is a “new” portion of the GDPR, added after the Commission’s initial draft... Read More

The Privacy Advisor

FTC, DoC answer Privacy Shield questions

(Feb 4, 2016) The U.S. Department of Commerce and FTC Commissioner Julie Brill provided new details about the EU-U.S. Privacy Shield late Wednesday afternoon and Thursday morning. The DoC, in an interactive Q&A, took to Twitter to answer questions on its role in the potential agreement, while Brill discussed the FTC’s role in a webcast interview with Information Technology and Innovation Foundation President Robert Atkinson. Specifically, Brill said the FTC won’t change the way it enforces privacy cases,... Read More

The Privacy Advisor

The Privacy Shield now faces an uphill battle

(Feb 4, 2016) On Tuesday, Vice-President Andrus Ansip and Commissioner Vera Jourová announced that the EU Commission had approved a political agreement on what will henceforth be known as the “EU-US Privacy Shield.” Over the coming weeks they will have to draft a fresh EU Commission adequacy decision to replace the previous “Safe Harbor” decision, which the Court of Justice of the European Union found invalid in Schrems. There is already speculation that the validity of this new decision will itself be challe... Read More

The Privacy Advisor

Top 10 operational impacts of the GDPR: Part 7 - Vendor Management

(Feb 4, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

The Privacy Advisor, Westin Research Center

Podcast: Making Sense of the Privacy Shield

(Feb 3, 2016) On Tuesday, the European Commission and U.S. Department of Commerce jointly announced a new data-transfer framework, the EU-U.S. Privacy Shield, to replace the invalidated Safe Harbor agreement. The Privacy Shield includes a new Federal ombudsman to oversee intelligence access to EU citizen data, a multi-step complaint resolution mechanism for EU citizens, and a number of other new provisions. But what does it mean for European and American companies that just want to transfer data while complyi... Read More

The Privacy Advisor

How sturdy is the Privacy Shield?

(Feb 3, 2016) Is there anyone in Europe who doesn't work for @EU_Commission and has something positive to say about #PrivacyShield? Rigour people, rigour! — Eduardo Ustaran (@EUstaran) February 2, 2016 The EU Commission and the U.S. have agreed on a new framework for transatlantic data flows, igniting a flurry of #SafeHarbor tweets, many skeptical and some incredulous, and prompting every law firm that’s ever looked at a data protection case to send out a client alert. But the alerts were fairly v... Read More

The Privacy Advisor

EU DPAs respond to Privacy Shield; BCRs are a go, for now

(Feb 3, 2016) Though the future of transatlantic data transfers continues to hang in the balance, one more clue was offered Wednesday afternoon in Brussels, with official word from the EU’s collection of data protection authorities on their assessment of the newly proposed EU-U.S. Privacy Shield arrangement. The head of the Article 29 Working Party (WP29) said during a press conference that the group “welcomed” the agreement but needed further documentation to assess its legality. “It is still only words fro... Read More

The Privacy Advisor

Commission, Commerce announce new EU-US data transfer agreement

(Feb 2, 2016) After intense negotiations between senior EU and U.S. officials throughout the weekend and into this week, the European Commission announced Tuesday it has reached a new transatlantic data transfer agreement with the United States. The U.S. Department of Commerce later confirmed details in a conference call with reporters. Though not yet legally binding, the agreement would pave the way for a new accountable regime for data transfers, that both provides EU citizens with a right of redress, invo... Read More

The Privacy Advisor

Commission offers outline, but few specifics in Safe Harbor talks

(Feb 1, 2016) After a weekend of intense talks between senior EU and U.S. officials in Brussels, and a missed deadline for finalization, EU Justice, Consumers, and Gender Equality Commissioner Věra Jourová addressed the European Parliament’s LIBE Committee late Monday on the "state of play" of the transatlantic data-transfer negotiations. Though she did not provide much by way of specifics, Jourová did offer up a broad sketch of what’s on the table for a new agreement she described as "close ... but additiona... Read More

The Privacy Advisor

Privacy After Hours Celebrates Data Privacy Day 2016

(Feb 1, 2016) Some celebrate Data Privacy Day by changing their passwords. Others lament the fact that their information has become so topical that keeping it safe has gotten itself its own holiday. Privacy pros? They mingle, celebrating the field at this January’s Privacy After Hours. Below is a recap of some of the evening’s festivities across the globe. Try not to be too envious of the privacy-anchored bashes taking place everywhere from Hong Kong to Boston, Ottawa to Germany, for the Heidelberg's first e... Read More

The Privacy Advisor