POPULARITY
Simon Hania is Global Data Protection Officer at Uber, heading the team that independently advises on and monitors Ubers compliance with data protection laws. In the past Simon held the position of VP Privacy & Security at TomTom and before that various positions in IT service management. Simon is a trained engineer who has learned to love the law. References: Simon Hania on LinkedIn Masters of Privacy Summer Newsroom, covering Uber's $290 EUR fine in The Netherlands Glovo (food delivery) receives a 500k EUR AEPD fine for sending rider location data across borders (started in Italy) FTC Finalizes Order with X-Mode and Successor Outlogic Prohibiting it from Sharing or Selling Sensitive Location Data Uber Ads
Send us a textOn this week of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal discuss recent developments in privacy and data protection laws around the world. They talk about transferring personal data to China, artificial intelligence and of course the fine Uber received for transferring personal data to the U.S. If you have comments or questions, find us on LinkedIn and IG @seriousprivacy @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us! Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/ #heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO
Host Scott Loughlin and Hogan Lovells partner James Denvil delve into the recent Executive Order (EO) issued by the Biden Administration. Designed to limit access by countries of concern to sensitive personal data of Americans, this EO marks a significant development in cross-border data protection policy. Together, Scott and James explore the implications of the EO, shedding light on its potential impact on the digital ecosystem and how this game-changer in data governance will have far-reaching effects and challenges for businesses operating in the digital landscape.
Reed Smith Partners Cynthia O'Donoghue and Andreas Splittgerber delve into the recent developments surrounding the EU-U.S. Data Privacy Framework and discuss other data transfer mechanisms.
In this episode of the Mobile Dev Memo podcast, I speak with returning guest Mikołaj Barczentewicz, an expert on European data privacy law, about the recent $1.3BN fine that the Irish DPC issued to Meta over its transmission of EU residents' data to the United States. We discuss the history of data transfer frameworks between the EU and the US and why they've all been invalidated, the core motivations of EU protectionism related to data transfer, and the implications for all technology companies of the Irish DPC's decision.
Associate Professor Hannah Yee-Fen Lim, Division of Business Law, Nanyang Business School, NTU dives deep into the historical context and issues behind Meta's latest fine in EU over US data transfers and how much bite the company has in its intended appeal. Presented by: Lynlee Foo This podcast is produced and edited by Yeo Kai Ting (ykaiting@sph.com.sg) See omnystudio.com/listener for privacy information.
A.M. Edition for May 22. European Union privacy regulators have fined Facebook owner Meta a record $1.3 billion for sending user information to the U.S., according to people familiar with the matter. WSJ tech reporter Sam Schechner explains how the decision could affect other multinational companies. Plus, U.S. debt talks are set to resume this afternoon. And Russia claims victory in the Ukrainian city of Bakhmut. Luke Vargas hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices
President Biden and House Speaker Kevin McCarthy plan to meet today to discuss the debt ceiling. Micron shares fall after China bans the U.S. chip maker from supplying major Chinese companies. Keith Collins hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices
This is the audio-only version of our twice-weekly cyber security talk show, teissTalk. Join us twice a week for free by visiting www.teiss.co.uk/teisstalkThe panel discussion is titled:teissTalk: Control in the cloud - are your data transfers secure? How to modernise data handling when integrating with cloud-based solutions? The challenges of moving to a pure cloud infrastructure vs hybrid Minimising the risks of cloud-based data breaches through encryptionThis episode is hosted by Thom Langfordhttps://www.linkedin.com/in/thomlangford/Benoit Heynderickx, Principal Analyst, Information Security Forum (ISF)https://www.linkedin.com/in/benoithey/Ryan Cooke, Consulting CISO, Orum.iohttps://www.linkedin.com/in/ryancooke/Nick Hogg, Director of Technical Training, Fortrahttps://www.linkedin.com/in/nick-hogg-034a9b5/
In this episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal of Crawford & Company talk with dr. Laura Drechsler, Research Fellow at the Centre for IT and IP Law (CITIP) at the Catholic University of Louvain, Belgium. They discuss Laura's work on cross-border data transfers, comparing the decisions of the European courts and the guidance of the data protection authorities with the adequacy decisions that have been published by the European Commission. It is clear there is still a lot to learn from the past on how to do adequacy and other data transfers right.As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy @trustArc and email podcast@seriousprivacy.eu. Please do like and write comments on your favorite podcast app so other professionals can find us easier. The Leadercast PodcastThe fun way to grow you and your top talent.Listen on: Apple Podcasts Spotify As always, if you have comments or questions, find us on LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us! #heartofprivacy #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO
Paras Jain and Sarah Wooders are graduate students at UC Berkeley's Sky Computing Lab. They are part of the team behind Skyplane, and open source project that accelerates wide-area transfers in the cloud via overlay routing and parallelism. Subscribe to the Gradient Flow Newsletter: https://gradientflow.substack.com/Subscribe: Apple • Spotify • Stitcher • Google • AntennaPod • Podcast Addict • Amazon • RSS.Detailed show notes can be found on The Data Exchange web site.
In this first episode of "Tech Law Bits" Martin Schirmbacher interviews Elisa Henry of BLG in Montreal, Canada and Erik Valgaeren of Stibbe in Brussels, Belgium on their table topic during the Hot Topics Roundtables session. Before jumping to the topic Erik briefly explains what the around the tables session is all about and how attendees can participate. Topic of Table #13 is Data privacy: lessons learned and future outlook. Thus colleagues visiting this table will discuss newest developments in privacy issues and the relevance for tech deals.
This week on Top in Tech, Conan D'Arcy is joined by Associate and first-time guest Ilana Kunkel to discuss new developments in the frequently tense US-EU data-sharing relationship. They discuss why the EU views the US's personal data collection methods with scepticism, the political considerations on both sides of the Atlantic, and why the Data Protection Framework may succeed where other proposals have failed. Hosted on Acast. See acast.com/privacy for more information.
Join Reed Smith Tech & Data partners Cynthia O'Donoghue, Andreas Splittgerber, and Barbara Li as they discuss the legal updates and changes relating to cross-border transfers of personal data from an EU, UK, and Chinese perspective. In this episode, participants dive into the latest developments and legal issues and explain best practices that organizations must consider when transferring personal data to or from these regions.
On 13 December 2022, the European Commission published the long-awaited draft adequacy decision for the EU-U.S. Data Privacy Framework, among podcast listeners also known as the Thingy. In this episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal of Outschool talk about the adequacy decision, and what they consider is missing from it. Resources:Draft Adequacy DecisionIAPP Privacy Shield - DPF comparisonODNI Redress ProcessExecutive Order 14086OECD Policy Framework on Digital Security As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy @trustArc and email seriousprivacy@trustarc.com. Please do like and write comments on your favorite podcast act so other professionals can find us easier.
In a global economy with personal data flowing between countries on a regular basis, President Biden in October 2022 signed an executive order directing the steps that the United States will take to implement its commitments under the EU-US Data Privacy Framework. In this Fast Takes episode, Jackson Walker attorneys John Jackson and Manny Schoenhuber discuss the implications of this executive order. For additional JW Fast Takes podcasts and webinars, visit JW.com/Fast. Follow Jackson Walker LLP on LinkedIn, Twitter, Facebook, and Instagram. The music is by Eve Searls.
On October 7, the negotiations between the U.S. and European Commission regarding the future of the data privacy frameworks behind the Privacy Shield program were completed with the release of a Presidential Executive Order, passing the baton to the EU for the start of their adequacy process. Finally, after two years of limbo, the 5,000 businesses that … Continue reading The Future of EU-U.S. Data Transfers →
Stephan Grynwajc is admitted as a lawyer in the EU, the UK, the US and Canada, having worked as a privacy practitioner and DPO in both Europe and North America for the last 20 years. His own law firm offers external DPO services to EU/UK and US/Canada-based companies. Stephan is also a partner specialized in international privacy at Outside GC, a bicoastal US law firm. Stephan publishes regularly on various privacy topics, including for the IAPP Privacy Advisor. He is also an Adjunct Professor on privacy and data protection at various universities. References: Privacy at the Crossroads: A Comparative Analysis of Regulation in the U.S., the EU and Canada Joe Biden's Executive Order Summary of Privacy laws in Canada Law Office of S. Grynwajc (and LinkedIn Page) Outside GC IAPP Privacy Advisor
Derek A. Lackey is Managing Director of Newport Thomson, a Privacy Agency based in Toronto. With more than 30 years of marketing, advertising and privacy experience, he is focused on data protection & privacy and its effect on the brand. Derek is the author of “CASL Compliance: A Marketer's Guide to Email Marketing to Canadians”, and looks to simplify the implementation of new data management practices within organizations. This will be the first of two separate perspectives on the basic premises that make EU-US data transfers so difficult (in the aftermath of Joe Biden's Executive Order paving the ground for the Data Privacy Framework). We will also get a first impression of the Canadian scenario as an interesting blend of both approaches. References: Newport Thomson Derek A. Lackey on LinkedIn Joe Biden's Executive Order Max Schrems' first reaction to the EO CASL Compliance: A Marketer's Guide to Email Marketing to Canadians
Cynthia O'Donoghue and Aselle Ibraimova from Reed Smith's London Office discuss changes in the EU/UK to the standard contractual clauses for data transfers between EU/UK and non-EU/non-UK countries. The two explore the new interpretations of the rules on data transfers by the EU Data Protection authorities, the impact on day-to-day compliance, the introduction of data transfer tools by other countries around the world, and the adjustments that businesses need to make as a result of these changes.
This is the audio-only version of our twice weekly cyber security talk show, teissTalk. Join us twice a week for free by visiting www.teiss.co.uk/teisstalk On this episode, we focus on the following news story;Data: a new direction - government response to consultationhttps://www.gov.uk/government/consultations/data-a-new-direction/outcome/data-a-new-direction-government-response-to-consultation The panel discussion is titled Infosec leaders' legal briefing - international data transfers· Reopened transatlantic data flows and GDPR: where might the agreement be invalidated?· Are data-sharing agreements offering adequate protection?· Transfer impact assessments: identifying and mitigating data protection risk This episode is hosted by Geoff Whitehttps://www.linkedin.com/in/geoffwhitetech/ Our Guests are;Rocio de la Cruz, Partner, BPE Solicitors LLPhttps://www.linkedin.com/in/rocio-de-la-cruz-a4525480/ Simon Howarth, Data Protection Officer, On The Beachhttps://www.linkedin.com/in/simonhowarth/ Joanna Moczadlo, Legal Counsel, AG Integratehttps://www.linkedin.com/in/joanna-m-a6a02496/ Elisavet Dravalou, Lawyer, Synchhttps://www.linkedin.com/in/elisavetdravalou/
The US and the EU have reached a new framework for cross-border data transfers.This webinar, featuring Justin Antonipillai – Founder and CEO of WireWheel; Dan Solove – President and CEO of TeachPrivacy; and Josh Harris – Director, Global Privacy Initiatives of BBB National Programs, will focus on what the new agreement means, steps that companies should take today, and what to expect in the future.
Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we take up the proposed agreement for data transfers from the EU (and UK) to the US. Some of the issues we consider in the myriad of questions around this latest version of Privacy Shield include: 1. Is this simply an agreement to agree? 2. Who will populate the independent court review in the US? 3. Will US spy agencies ever comply? 4. Will there be a real deal by the end of 2022? 5. Is this simply a temporary solution. Resources For more information on the new data transfer agreement, check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of the FIT4PRIVACY Podcast, Punit is joined by Heidi Waem for a conversation about recently passed Chinese Data Protection Bill and Data Transfer in Europe. Both have a chat about the similarities and differences between Chinese Data Protection Law and EU GDPR. Let's listen and have some fascinating information about these two topics. KEY CONVERSATION POINTS GDPR IN ONE WORD Similarities of Chinese Data Protection Law and EU GDPR Requirement of Chinese Data Protection Law Why Asian Privacy Laws Rely on Consent DPO Requirements in Chinese Law Data Transfer challenges ABOUT THE GUEST Heidi Waem is a specialist in data protection and privacy law and contract law. She has extensive experience in market practices, consumer laws, IP/IT and compliance. Heidi Waem's experience in these fields includes both litigation and non-contentious matters. Over the years she has been seconded to various multinational companies in different sectors which has given her valuable insights and experience in the needs of and problems faced by businesses, as well as experience as in-house counsel. For more, you can read https://www.dlapiper.com/en/belgium/people/w/waem-heidi/ ABOUT THE HOST Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach privacy professionals. Punit is the author of books “Be Ready for GDPR” which was rated as the best GDPR Book, “AI & Privacy – How To Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts. As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life' which passionately shares. Punit is based out of Belgium, the heart of Europe. RESOURCES Websites: www.fit4privacy.com, www.punitbhatia.com CONNECT Instagram https://www.instagram.com/punit.world/ Facebook https://www.facebook.com/PunitBhatiaSpeaker/ LinkedIn https://www.linkedin.com/in/punitbhatia/ Podcast http://hyperurl.co/fit4privacy YouTube http://youtube.com/fit4privacy Email hello@fit4privacy.com --- Send in a voice message: https://anchor.fm/fit4privacy/message
n this week's episode we enable you to share major projects, photos and more with just a tap! [Recorded 2/17/21]
The Schrems II judgment was designed to identify available options to transfer data from the European Union (EU) to the United States (US), including implications on cross-border data transfers beyond the EU and US.Daniel J. Solove (President and CEO at TeachPrivacy) and Justin Antonipillai (CEO and Founder at WireWheel) are joined by Peter Swire (Senior Counsel at Alston & Bird), Kenneth Propp (Senior Fellow at Atlantic Council), and Shannon Yavorsky (Privacy and Data Security Partner at Orrick) to discuss current issues between the European and American approach vs. policy, as they relate to cross-border transfer flows.You can also follow WireWheel on social media to track the latest news in the Privacy world!Follow us on Linkedin, Twitter, Youtube or Facebook.To learn more about WireWheel Data Privacy Management solutions, visit www.wirewheel.io.Any questions? You can contact us at marketing@wirewheel.io!
Businesses today are data driven and data dependent, but the rules that govern how data can be used and shared across borders are becoming increasingly tricky for international organizations to navigate, subject to constantly evolving and often conflicting requirements in each region. None more so than in Europe, where changes over the past 18 months—including updated versions of the EU's Standard Contractual Clauses for cross-border data transfer—have raised new sets of questions for organizations seeking to comply with the rules for moving personal data from Europe to places like the United States. In this special National Cybersecurity Awareness Month episode, partners Vivek Mohan and Oliver Yaros along with host Julian Dibbell discuss these changes and a few things businesses can do to stay on top of them.
With the fall of Privacy Shield and the Safe Harbor program, what can we expect for the future of transatlantic data transfers? Can the EU and US work out a trade deal? More on Lothar Determann. SPEAKERS Wayne Stacy, Lothar Determann Wayne Stacy 00:00 Welcome, everyone to the Berkeley Center for Law and Technology's Experts Series podcast. This is Wayne Stacy, the Executive Director for BCLT. And today we're going to talk about the future of transatlantic data transfers. And we have with is one of the great experts in the field, Dr. Lothar Determann. Doctor Determann or I'm gonna go with Lothar for now was or is a professor, I guess lecturer is the right title. But he's a lecturer since 2004 of computer law and data privacy at Berkeley Law. And since 1995, he's been a tenured professor in Germany. So he brings expertise on the academic side from both sides of the Atlantic, if you look at his publications, Determann's Field Guide to data privacy law in California privacy law, practical guide and commentary. He's actually teaching out of that this semester. And this semester, or next semester, he's got the California privacy law course that he'll be teaching at Berkeley Law. So actually, if you go through the whole list, we can spend the 15 minutes talking about the scope of all of his work, but I'll just leave it at this: he knows a lot about transatlantic data transfers. So thank you for coming today. Lothar Determann 01:29 Thanks for inviting me, Wayne. Wayne Stacy 01:31 So what I want to turn to first is the fact that there seem to be some large finds coming out of out of Europe these days, and a slow eroding, or maybe a fast eroding of some of the shields that we used to have. So the Privacy Shield went down, you saw the Safe Harbor program go down in 2015. And now you're starting to see these new standard contract contractual clauses coming out. The real question about all of this is people get nervous is what does this mean for transatlantic data transfers, and in what's the big picture going to look like over the next few years for for US companies. Lothar Determann 02:14 For US companies, the biggest challenge has been that the general data protection regulation has extended and clarified the realm of applicability to some US companies, but also that European companies are under evermore pressure and transferring personal data to the US. European Union is a trade zone Originally, it was called the European Economic Community when they started looking at harmonizing data protection law. And the main goal was to make it easy for companies to cooperate within the bloc and transfer data across borders. So the official title of what is now often referred to as the Data Protection Directive was really about the free flow of data in Europe. And it was kind of a compromise to say, if we're all trusting each other with data, the Germans and the Spaniards and the French and the Brits at the time before Brexit, then we do need to have a prohibition from just transferring it onward somewhere else. And that was in the directive of 1995. That was there to allow more Corporation more sharing more flow within Europe. And this prohibition of transferring to the US wasn't a real big deal in the first years, because there was a general understanding that the US has privacy laws, too. And the commission worked out a compromise where US companies could sign up for a voluntary program, the Safe Harbor program, and commit to basically complying with the European rules. And then European companies could share data with them, just as if they were in Europe. But after the Snowd
Following the EU's adoption of Adequacy Decisions that the Kitchen covered in a prior episode, the UK's Department for International Trade issued an updated guidance on data transfers into the UK.The Kitchen takes a look at the guidance that points to sources on data transfers, IP, copyright and data protection both coming into and leaving the UK.
On 28 June 2021, the European Commission announced it has approved two adequacy decisions for the United Kingdom (UK). With these decisions, one under the General Data Protection Regulations (GDPR) and one under the European law enforcement directive, the Commission confirms the UK offers a level of data protection that is essentially equivalent to that in the European Union (EU). With this hurdle out of the way, personal data can continue to flow freely from the EU to the UK, without the need for additional safeguards or regulator approval. The free flow of data in the other direction, from the UK to the EU, had already been confirmed by the British government at the time the UK ceased being a member of the EU. But will the UK adequacy decisions stand the test of time? Not only do they expire automatically after four years, but the opponents are also sharpening their knives for a challenge in court. And the UK Government seems eager to drop the memory of the GDPR, and to replace the UK GDPR with a more trade and business friendly data protection law. This week, Paul Breitbarth and K Royal discuss the details of the UK adequacy decisions and the future of data protection law in Britain with our own UK expert Ralph O'Brien. As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. We also have a LinkedIn page for Serious Privacy, so please follow for more in-depth discussion.Resources:TrustArc Blog on the UK Adequacy DecisionsWebinar on EU International Transfer developmentsTrustArc Microsite on international data transfers
The European Commission issues two Adequacy Decisions for personal data transfers to the UK. The Kitchen reviews the main points that go into a successful data transfer recipe.
Guernsey is an independent island jurisdiction located between the United Kingdom and France. In this podcast, Emma Martins, Guernsey's Data Protection Commissioner, speaks to Valerie Taylor and Stewart Dresner about this Channel Island's adequacy declaration from the EU, and its importance for its digital economy of retaining free and safe data transfers between Guernsey, the UK and the EU. The Commissioner does not see privacy and innovation as a zero sum game and is confident that it is possible to incorporate both values into products and services. She deploys fines and other enforcement tools when necessary but has recently launched Project Bijou, a human-centred method for incorporating privacy values into both everyday personal life and work. Find out how Guernsey balances the gravitational pull between the UK and the EU.
The European Commission served up new and improved model contractual clauses for data transfers under the GDPR. Important dates are attached and the Kitchen took a look at this development.
On this week's episode of #SeriousPrivacy, Paul Breitbarth and K Royal discuss the new Standard Contractual Clauses (SCCs) for international transfers that were adopted by the European Commission on 4 June 2021. These model contracts, that come in four modules, finally replace the old SCCs, some of which date back to the early 2000s. The modernised versions are fully GDPR compliant, embrace the accountability principle and include many requirements to address the limitations set by the Schrems II decision.Listen to the conversation to get a better understanding of what the new SCCs entail and how they can (and cannot) be used by organisations. You will hear more about why some non-European companies will not have to use SCCs going forward, but also on the assessments that you will need to undertake. Since recording the episode, the timelines for the Transfer SCCs have become clear too:27 June 2021 - the new SCCs become applicable27 Sept 2021 - the old SCCs become invalid for new contracts27 Dec 2022 - all SCC-based contracts will need to be updatedResourcesTrustArc blog introducing the new SCCsTrustArc microsite with all international transfer related information As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app.
On 4 June 2021 the European Commission issued new standard contractual clauses (SCCs) for data transfers between EU and non-EU countries. These modernised SCCs will replace the previous three sets of SCCs that were adopted under Data Protection Directive 95/46.
JC Gaillard is joined again by guest Bostjan Makarovic from Aphaia to discuss the impact of the Schrems II ruling on GDPR compliance and data transfers between the EU and the US
Recent Development | On 24 March 2021, the Data Protection Authority (DPA) discussed the commitment letters for cross-border personal data transfers and touched upon the procedures and principles to be followed for applications in its Wednesday Seminar. As is known, the Law on the Protection of Personal Data ("Law"), sets forth certain rules on cross-border transfer of personal data. Preparing a commitment letter between the transferor and the transferee and obtaining the DPA's approval appears as one of those mechanisms. Two template forms are published on the DPA's website for this purpose: one is for transfers from data controller to data controller, and another for transfers from data controller to data processor. You may access these templates (in Turkish) here. After the Law came into effect in 2016, the DPA announced its first approval of a commitment letter on 9 February 2021 and its second approval on 4 March 2021.
The Schrems II ruling and Brexit mean that UK organisations are required to reconsider the legal basis for the transfer of personal data to and from Europe. The webinar recording covers: The Schrems II decision regarding transfers of data; The implications for UK and EU data controllers regarding data transfers; The types of data transfers organisations should consider; Data flows and the legal basis for UK–EU data transfers; Practical steps organisations can take now; and What the future holds following Schrems II and Brexit.
In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we continue our 3-part series on issues relating to GDPR after Brexit. The topics we discuss include data protection, data transfer and issues related to trade sanctions, AML and export control. In this episode we consider data privacy and data transfers after Brexit. Resources Check out the Cordery Compliance Client alert on the data transfer after Brexit here. Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here. Learn more about your ad choices. Visit megaphone.fm/adchoices
After the EU’s top court invalidated the Privacy Shield and cast doubt on the use of the model clauses in certain circumstances with consequences for global business, EU Business that use US service providers and US business that target US users across all industries. We explore the background to the decision, the current status of the existing transfer mechanisms, the guidance coming out of the European Data Protection Boards and new model clauses from European Commission and discuss whether the new Biden Administration will agree to changes to US privacy and surveillance to protect the privacy rights of EU individuals. We conclude by looking at the practical steps business should take to stay compliant and prepare for changes ahead in a time of uncertainty. In this episode of Connected With Latham, Bay Area partner Michael Rubin, a leader of the Data Privacy & Security Practice and Global Vice Chair of the Technology Industry Group speaks with Gail Crawford, London partner and Global Chair of the Data & Technology Transactions Practice to answer these questions and more. This podcast is provided as a service of Latham & Watkins LLP. Listening to this podcast does not create an attorney client relationship between you and Latham & Watkins LLP, and you should not send confidential information to Latham & Watkins LLP. While we make every effort to assure that the content of this podcast is accurate, comprehensive, and current, we do not warrant or guarantee any of those things and you may not rely on this podcast as a substitute for legal research and/or consulting a qualified attorney. Listening to this podcast is not a substitute for engaging a lawyer to advise on your individual needs. Should you require legal advice on the issues covered in this podcast, please consult a qualified attorney. Under New York’s Code of Professional Responsibility, portions of this communication contain attorney advertising. Prior results do not guarantee a similar outcome. Results depend upon a variety of factors unique to each representation. Please direct all inquiries regarding the conduct of Latham and Watkins attorneys under New York’s Disciplinary Rules to Latham & Watkins LLP, 885 Third Avenue, New York, NY 10022-4834, Phone: 1.212.906.1200
On 31 December 2020, the UK's Brexit transition period came to a close, taking us firmly out of the EU. Many issues have been raised over the flow of goods between Britain and its former partners, but the flow of data is a different matter altogether. Data has become an intrinsic part of modern business and with previous rules on international data transfers now at risk of irrelevancy, many organisations are considering how they can adjust their data practises to avoid falling foul of regulators.With many elements of international data law still up in the air pending various legal cases and policy decisions, we're joined by Bart Willemsen, VP at Gartner specialising in privacy, to discuss the current regulatory environment and how businesses can prepare themselves for any changes that might be on the way.For more information on everything we're spoken about in this episode, head over to http://bit.ly/ITPP-Transfer.
The decision by the ECJ on 16th July 2020, to invalidate the EU - US Privacy Shield sent shockwaves across organisations in the EU and US. We are now in January 2021 and there have been some solutions offered by the European Commission. But how workable are they for businesses in practise?? Join me, Karen Heaton and guest Mark Sherwood-Edwards, lawyer, data protection specialist and founder of Clearview Legal to discuss the latest pronouncements from the EC, on a revision of the Standard Contractual Clauses, Safeguards for transfers to the US (and other third countries) and of course, the impact of Brexit and what this will mean if the EC does not grant adequacy status to the UK. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Mark Sherwood-Edwards Founder www.clearviewlegal.co.uk Check out some great resources: FieldFisher Lawyer - Phil Lee on the revised SCCs https://www.fieldfisher.com/en/services/privacy-security-and-information/privacy-security-and-information-law-blog/first-impressions-new-eu-standard-contractual-clauses Tools to help with assessing data transfers Proteus-Cyber https://proteuscyber.com/Schrems-II-Automatic-SCC-contracts Special Guest: Mark Sherwood-Edwards.
Hello 2021
The Schrems II landmark ruling decision in July and it impacts on privacy shield, plus the Brexit transition period ending on 31st December, has meant data compliance has never been busier. Many businesses are unsure of the updates that impact international data transfers and what is required to process data correctly. With the UK being a non-EU member come 1st January Article 27 of the GDPR will be an important focus also. Ronan talks to Conor Hogan, Global Practice Lead in Privacy at BSI about all this and the latest elephant in the room BYON (Bring Your Own Network).
Brexit and Schrems II and the practical implications for the UK and EU data transfers
In the second episode of season six, co-hosts Bill Mariano and Rob Hellewell kick off the show with Sightings of Radical Brilliance. In this episode, they review a recent trends analysis article written by Lighthouse’s very own John Shaw for The Lawyer that dives into new sources of evidentiary data in employment disputes. Next, they bring on Melina Efstathiou of Eversheds Sutherland who answers questions around cross-border data transfers and the EU-US data privacy challenges outlined below:What does the surprise decision to invalidate the EU-US Privacy Shield mean for ediscovery?How does this impact other data transfer mechanisms? What are some of the implications that Brexit could have?Are there any key tips for preparing for the future of cross-border ediscovery?Our co-hosts wrap up the episode with a few key takeaways. If you enjoyed the show, subscribe here, rate us on Apple and Stitcher, join in the conversation on Twitter, and discover more about our speakers and the show here.Related LinksBlog Post: Worldwide Data Privacy UpdateBlog Post: Three Steps to Tackling Data Privacy Compliance Post GDPRBlog Post: The U.S Privacy Shield Is No Longer Valid – What Does that Mean for Companies that Transfer Data from the EU into the US?About Law & CandorLaw & Candor is a podcast wholly devoted to pursuing the legal technology revolution. Co-hosts Bill Mariano and Rob Hellewell explore the impacts and possibilities that new technology is creating by streamlining workflows for ediscovery, compliance, and information governance. To learn more about the show and our speakers, click here.
In this "Brexit Musing" Episode, Giulio Novellini, Counsel from PORTOLANO CAVALLO discusses the possible implications Brexit has on the data transfer, privacy and protection sphere in Europe, the UK, and also the farther-reaching United States. While GDPR will continue to apply in the UK, Giulio will also underline the key aspects for UK and US companies with regard to data privacy & transfers. Giulio Novellini, Counsel, joined PORTOLANO CAVALLO in 2018 and specializes in privacy, data protection, Internet and e-commerce and new technologies (Artificial Intelligence, Blockchain and Smart Contracts).Throughout his professional career, Giulio has assisted national and international companies with litigation and compliance issues related to Personal Data Protection. He has acquired particular experience in advising clients in matters concerning websites, apps, online compliance relating to the use of cookies, the processing of data for marketing, e-commerce, the foreign use of personal data and violations of personal data.Giulio supports clients by providing legal advice, privacy-by-design and privacy-by-default, evaluation of impact on privacy and audits.In 2020 he has been ranked by Legal500 as “Rising star” for Data Privacy and Data Protection. He is also ranked by Who's Who Legal as a “Global Leader” in the “Data Privacy and Protection” chapter of the WWL: Data 2020 guide and as a “National Leader” in the “Data” chapter of the WWL: Italy 2020 guide.
Check out the fifth installment of our brand-new six part insights series hosted by BSI in partnership with McAfee. In this episode, Conor Hogan, Global Practice Lead in Privacy and Sarah Ledgerwood Manager in Data Management and Forensics Technologies discuss the new guidance released last week by the European Data Protection Board, the data protection impact of Brexit and their advice on how to manage compliance issues for your global data transfers. Subscribe here: https://www.bsigroup.com/en-IE/our-services/cybersecurity-information-resilience/Resources/Webinars/insights-series/notification/ to receive notifications on the upcoming episodes.
Uncertainty and ambiguity shroud the implications of the CJEU’s decision in the Schrems II ruling (‘Schrems II’) for Irish businesses. This is according to a survey from the Association of Compliance Officers of Ireland (ACOI) of one hundred data protection specialists from tech and other organisations throughout the country. Approximately 65% of those surveyed say the greatest challenge presented by the July 2020 ruling thus far, is the lack of clarity from regulatory bodies, while over half of businesses surveyed said the ruling will negatively impact their business data transfers. Highlights from the ACOI Schrems II Impact Survey include: The lack of clarity around implementation was cited by the majority (65%) as the biggest challenge facing their business on the back of this ruling, followed by the limits it puts on businesses when it comes to transferring data (21%), and the costs involved with implementation (14%) 4 in 10 say it will affect their ability to do business in the US. Interestingly, more firms think its impact on their ability to do business with the UK will be greater (60%) Almost 6 in 10 (59%) say an unsuccessful Brexit outcome will restrict their transfer of data to the UK in 2021 Even if Brexit negotiations are concluded with any degree of success, most firms (75%) believe there will still be issues which may limit their potential to transfer data to the UK. Michael Kavanagh, CEO of ACOI spoke of the findings, “All sectors of business have or will be affected by the Schrems II ruling on international data transfers and, in an already challenging business environment, this is an obstacle which is going to be very difficult for many to overcome. The message from businesses is that the most pressing and immediate concern is the lack of clarity on how the ruling should be applied. The Data Protection Commission (DPC) commented in July that “...the DPC acknowledges the central role that it, together with its fellow supervisory authorities across the EU, must play in this area. In that regard, we look forward to developing a common position with our European colleagues to give meaningful and practical effect to today’s judgment”. This has left firms in a difficult position until that EU-level guidance is published, particularly smaller businesses that are already under severe pressure due to COVID-19 related restrictions. Last Thursday a draft EU Commission decision and related new draft SCCs were published with a period for feedback running until 10 December 2020. The ACOI have welcomed the development, citing it as the commencement of the guidance that ACOI members are calling for. However, they have cautioned that, given the deadline for submissions, it actually gives little, if any, time for companies to prepare for Brexit. Mr Kavanagh continued, “There’s no doubt that businesses want to be compliant, but they are unsure how to be. For instance, when it comes to Standard Contractual Clauses (SCCs) how do they provide the necessary checks? This will be very onerous for smaller businesses. And with the Privacy Shield invalid with immediate effect – what can they use in the interim? At this point, and in lieu of any concrete instruction from the DPC and the European Data Protection Board (EDPB), businesses believe there is a real need for Government intervention. The vast majority (71%) are calling on the Government to step in and assist and support them, such as by providing a temporary grace period whilst Irish and EU supervisory authorities provide clarity. The ruling wasn’t black and white and so it will take some time before the issues are ironed out and definitive guidance can be given. But we can’t leave firms in limbo until then. The powers that be need to address this and give these businesses a way to proceed with their daily business activities when it comes to data transfer.” The ACOI say that the requirement in particular for companies to put in place additional...
Matheson's Employment Law podcast series in which Bryan Dunne, Head of Employment at Matheson, discusses the latest developments in Irish employment law. The podcasts are a key resource in keeping up to date for HR practitioners, employment lawyers and international employers with employees in Ireland.
Matheson’s Employment Law podcast series in which Bryan Dunne, Head of Employment at Matheson, discusses the latest developments in Irish employment law. The podcasts are a key resource in keeping up to date for HR practitioners, employment lawyers and international employers with employees in Ireland.
Bryan Cave data privacy attorney Christian Auty returns for Episode 36 to talk about the real world implications of the Schrems II opinion from the European Court of Justice. What is Schrems II? It is shorthand for Case C-311/18 Data Protection Commissioner v. Facebook Ireland Limited and Maximillian Schrems. In it, the Court of Justice reaffirmed that generally, transfers of personal data from the EU to non-EU countries are prohibited unless sufficient measures are taken to protect it. The court followed law found in the European Data Protection Directive and the GDPR (General Data Protection Regulation). Both say that personal data of EU citizens may not be transferred to non-EU countries unless proper safeguards are in place and only if the Non-EU country ensures an adequate level of protection for the personal data transferred. In short, Schrems II invalidated the EU/US Privacy Shield Framework that many companies used to legally transfer data between the EU and US. The EU and US governments created the Privacy Shield so companies could become certified to securely transfer data between the EU and US. The Schrems II court did not believe that the Privacy Shield did enough to protect EU personal data because, among other things, even under the program, EU citizens have no right to challenge government requests for their information under the Foreign Information Surveillance Act. As Christian explains, although Schrems II invalidated Privacy Shield, it did not invalidate Standard Contractual Clauses (SCC) and he suggests that if you do not have SCCs in place and you transfer data from the EU to the United States, you should look into them. Standard Contractual Clauses are model contract clauses officially sanctioned by the European Commission that address how companies must handle and protect personal data of EU citizens. Christian says too that companies can bolster their contracts and SCCs by implementing a law enforcement policy–a specific policy about how a company will handle inquiries from intelligence agencies or law enforcement regarding data.
The Schrems II decision, a recent European Court of Justice ruling that declares the Privacy Shield program that facilitates data transfers between the EU and the United States invalid, has major implications for modern commercial data related activities such as cross-border data transfers. Colin Bennett is a political science professor at the University of Victoria and one of Canada’s leading privacy experts. He has written multiple books on privacy and surveillance and focuses on the development and implementation of privacy protection policies at the domestic and international levels. He joins the podcast to discuss the decision and what it means for global data transfers and the future of Canada’s privacy law framework.
Today we depart from the corornavirus related stories to bring you an update on the landmark ruling from the European Court of Justice on the EU - US Privacy Shield. The decision by the ECJ on 16th July 2020, to invalidate the EU - US Privacy Shield has sent shockwaves across organisations in the EU and US. We are joined by fellow host, Mark Sherwood-Edwards, lawyer, data protection specialist and founder of ThisisDPO. Mark has read the judgement and is going to talk to us today about what it means for data protection, for businesses and for DPO’s. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Mark Sherwood-Edwards Founder ThisisDPO www.thisisdpo.co.uk
The end of 2020 and the EU-UK transition period is fast approaching. Valerie Taylor and Helena Wootton discuss what will happen to international transfers of personal data from the EU to the UK and how should organisations prepare.A fuller analysis is available in the July 2020 edition of Privacy Laws & Business UK Report.
Below this blurb, there is a link to an NYMag article called, “135 Ways to Donate in Support of Black Lives and Communities of Color”. We have decided to put our money where our mouth is in support of black lives here in America. We will be matching donations to charities that support people of color of up to a total combined value of $250.00. That process works like this:1: You donate any amount to the charity of your choice. (The charity has to be helping people of color, and or their communities.) 2: Send an email to Morgan@DriveByDogs.com with the receipt/invoice. 3: We reply within 48 hours matching your contribution!If you are unsure of where to best donate, please refer to the link below. This article does a really good job of listing various related charities. https://nymag.com/strategist/article/where-to-donate-for-black-lives-matter.htmlIn this episode, we discuss Water Parks vs. Amusement Parks and Election day Data Transfers. Oh and also the secret behind Google’s Search Engine.
On 31 January 2020, the United Kingdom left the European Union. For the first time since its creation, a member state has decided to leave the common market, and for now, it is uncertain what the future holds for current privacy legislation. The new relationship between the UK and the EU will be negotiated in the course of this year, with the agreed transition period ending on 31 December. During this period, GDPR will apply as if nothing has changed. But what will happen after?During this webinar recording, Paul Breitbarth, Ralph O’Brien and Josh Harris discuss Brexit from the EU, UK and US perspective.To view the full webinar video and to capture your registration for CPE: https://info.trustarc.com/WB-2020-02-25-BrexitDataProtectionUpdate_RegPage.html
What do organizations need to do to comply with the Turkish Data Protection Act? What does the obligation to register all processing activities entail? And what are the risk of non-compliance? Recorded on 01/15/2020. To download webinar slides, please visit: https://info.trustarc.com/WB-2020-01-15-TurkishDataProtectionActIsitareflectionofGDPR_RegPage.html
In a special episode recorded at the Global Technology Summit 2019, guest host, Rudra Chaudhuri speaks to François Godement and Ralf Sauer about the global debates on issues of data privacy and data protection, EU's approach to data sovereignty, and the implications of India's personal data protection bill.References:Digital Privacy: How Can We Win the Battle? by François GodementWill a GDPR-Style Data Protection Law Work for India? by Anirudh BurmanThe era of data globalism is over. Where does this leave India? by Rudra Chaudhuri
Anirudh Burman and Srinath Raghavan discuss the implications of India's draft personal data protection bill. References:AI Superpowers: China, Silicon Valley and the New World Order by Kai-Fu LeeA Free and Fair Digital Economy: Protecting Privacy, Empowering Indians by the Committee of Experts under the Chairmanship of Justice B.N. Srikrishna
There are so many privacy headlines in the U.S. right now that it almost seems to overshadow developments in the EU. While the privacy profession was, for years, seemingly laser-focused on the General Data Protection Regulation -- deservedly -- the California Consumer Protection Act set a firestorm in 2017 and then later in 2018 when it was passed. But that doesn't mean things are quiet in the EU. In this episode of The Privacy Advisor Podcast, host Angelique Carson chats with FieldFisher's Phil Lee, CIPP/E, about everything from the future of cross-border data transfers to that yet-to-be-passed ePrivacy Regulation.
Live at EU DPS'19 - Max Schrems discusses data transfers after Brexit by PrivSec Podcasts
CinePsyEP194 May Mattei: Violence In a Women’s Prison Cort finally has the scavenged iMac up and running thanks to the help of the unnamed patron saint of Data Transfers. Matt reveals a shocking revelation of his knowledge of Laura Gemser and the smuttier films from his past. Its recorded on the Wednesday before its Sunday release and Cort has no time to edit with so much on his schedule. When it’s time to talk about the Mattei made schlock the conversations strays into out takes quite a bit. Spotify: https://open.spotify.com/show/0PhshKRtKhh4ESfKhrer6s?si=7M_fLKDsRomBgiowA0WWOA iTunes: https://itunes.apple.com/us/podcast/cinema-psyops/id1037574921?mt=2 Stitcher: http://www.stitcher.com/podcast/cinema-psyops Google Play Music: https://play.google.com/music/m/Ij7cs3a2qml6bz2lajomirqcngi?t=Cinema_PSYOPS Cinema PSYOPS Main page: http://www.legionpodcasts.com/cinema-psyops/ Email feedback to Matt: psyopmatt@gmail.com. Cort : cinemapsyopscort@gmail.com Find on twitter Cort: @Cort_PSYOP Matt: @psyopmatt Join the FaceBook group: https://www.facebook.com/groups/1616282625298374/ Instagram: cinema_psyops
CinePsyEP194 May Mattei: Violence In a Women’s Prison Cort finally has the scavenged iMac up and running thanks to the help of the unnamed patron saint of Data Transfers. Matt reveals a shocking revelation of his knowledge of Laura Gemser and the smuttier films from his past. Its recorded on the Wednesday before its Sunday release and Cort has no time to edit with so much on his schedule. When it’s time to talk about the Mattei made schlock the conversations strays into out takes quite a bit. Spotify: https://open.spotify.com/show/0PhshKRtKhh4ESfKhrer6s?si=7M_fLKDsRomBgiowA0WWOA iTunes: https://itunes.apple.com/us/podcast/cinema-psyops/id1037574921?mt=2 Stitcher: http://www.stitcher.com/podcast/cinema-psyops Google Play Music: https://play.google.com/music/m/Ij7cs3a2qml6bz2lajomirqcngi?t=Cinema_PSYOPS Cinema PSYOPS Main page: http://www.legionpodcasts.com/cinema-psyops/ Email feedback to Matt: psyopmatt@gmail.com. Cort : cinemapsyopscort@gmail.com Find on twitter Cort: @Cort_PSYOP Matt: @psyopmatt Join the FaceBook group: https://www.facebook.com/groups/1616282625298374/ Instagram: cinema_psyops The post CinePsyEP194 May Mattei: Violence In A Women’s Prision appeared first on Legion.
As we've said, there is a lot of data involved with a CRM. When you're feeling clueless, that amount of data can sometimes feel overwhelming. So, in this episode we talk about how to manage all of that.
Overview: This is the beginning of the states taking proactive approach to transfer the risk to businesses and through regulations. Common Occurrence – China, EU, Spain, Various States, etc…. GDPR for the US is coming….but that is for Data Privacy EU Cyberlaw that will be hitting the end of the year….Focused on Data Transfers, along with other items It is all coming, so you better be prepared to REDUCE YOUR CYBER RISK! Details: Quote: Justin Orcutt - The South Carolina Insurance Data Security Act was signed into law on May 14th, 2018 by South Carolina Governor Henry McMaster. It's the first piece of cybersecurity legislation ever to be passed in the United States aimed at covering the insurance industry. Insurance Data Security Model – Drafted by the National Association of Insurance Commissioners in 2017 Similar to the Alabama Breach Law, NYDFS Law, etc Official January 1, 2019 but all the requirements don't hit until 2020 Interesting tidbit: -All Licensees of the South Carolina Department of Insurance must have a “comprehensive, written, cybersecurity program” in place -Insurers, agents, other licensed entities, plus real-estate lawyers who are also real-estate agents -Cybersecurity Program -Breach Response plan – 72 hours (YEA BABY) -BIGGIE: Designate Individual, Third Party, or Affiliate who is responsible for your program -Can there be more!!!! --250 vs. HIPAA's 500people -Investigate Promptly and records must be retained for 5 years It goes on….. Recommendation / Outcome: -Read the law and determine if it affects you and your business -Look for resources to help you build out a program, designate a person, etc. -Legal counsel on the best course of action to ensure you meet the law -Cybersecurity advice who can work with legal counsel and your business -Utilize my training that I am building for this very situation!
Dr. Nirmala Shenoy of Rochester Institute of Technology speaks to Cambridge Healthtech Institute on April 6, 2018. She will be a presenter during the Data Transfer track at Bio-IT World Conference & Expo, May 15-17, 2018 in Boston, Massachusetts. Topics Questions Include: 1) Why have you focused your recent research on Internet architectures and protocols and computational challenges faced by network protocols? 2) Let’s address scalability. How will supporting high-speed data transfers in large or across multiple networks, or provisioning for larger amounts of high-speed data, impact the security of scientific data? 3) How have Internet and routing protocols evolved in the last decade, and what further changes do you foresee in coming years? For more information, please visit http://www.Bio-ITWorldExpo.com/Data-Transfer/
Listen to MLex Correspondent Xu Yuan and our Managing Editor in Asia David Plott discuss China's new Cybersecurity Law (due to come into effect on Thursday June 1 2017) and what it means for companies doing business in China. You can find out more about this new law in two recent insights published on MLex Market Insight: - China considers sweeping regulation of cross-border data transfers http://bit.ly/2ropPjw -China considers 19-month grace period before enforcing cross-border data transfer rules http://bit.ly/2s2vyYr To listen to the podcast in Mandarin Chinese click here: http://bit.ly/2raCzJb.
TechLaw10 hosts Jonathan Armstrong and Eric Sinrod discuss legal issues related to information technology. In this episode, Jonathan and Eric discuss recent developments in the Max Schrems case involving privacy in data transfers between the EU and U.S.
TechLaw10 hosts Jonathan Armstrong and Eric Sinrod discuss legal issues related to information technology. In this episode, Jonathan and Eric discuss concerns about privacy protection involved in the transfer of personal data between the U.S. and Europe.