Header graphic for print
Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

European Union

Subscribe to European Union RSS Feed

Article 29 Working Party Opinions on Privacy Shield and Surveillance

Posted in EDPS, EU Data Protection Regulation, European Court of Justice, European Union, Events and Webinars, Judicial Redress Act, Privacy Regulation, Privacy Shield, Safe Harbor, Uncategorized

The Article 29 Working Party has released opinions on Privacy Shield and “essential guarantees” under EU law relating to surveillance, here and here. Please join us in our webinar at 1 pm EDT today to learn more about the Article 29 Working Party’s opinion on Privacy Shield (register here).  We will look at the opinion’s likely… Continue Reading

Key EU Advisory Body Declines to Support Privacy Shield (Update)

Posted in EU Data Protection Regulation, European Union, Events and Webinars, Privacy Shield, Safe Harbor

UPDATE: The Article 29 Working Party has released surprisingly brief comments on Privacy Shield, available here.  Consistent with the press briefing held earlier today (see below), WP29 has concluded that Privacy Shield falls short without providing specific guidance as to what, exactly, an acceptable version of Privacy Shield would look like. Earlier today, the Article 29… Continue Reading

Key Review of Privacy Shield Coming in Six Weeks

Posted in European Court of Justice, European Union, Privacy Shield, Safe Harbor, Uncategorized

Now that the EU Commission has published the complete version of its draft decision adopting the EU-US Privacy Shield program, it’s time for the key reviewers to dig in.   I don’t mean the lawyers, or EU privacy advocates, or US businesses, although their views will no doubt be wide-ranging and illuminating.  But no, the really important… Continue Reading

EU-US Privacy Shield Agreement Published

Posted in EU Data Protection Regulation, European Court of Justice, European Union, Privacy Shield, Safe Harbor, Uncategorized

The European Commission has finally made the draft text of the EU-US Privacy Shield program available (scroll down in the press release for further links).  The Privacy Shield program, which was agreed to in principle by US and EU negotiators nearly four weeks ago, will replace the Safe Harbor program that was struck down last autumn by the… Continue Reading

Judicial Redress Act passes the House with the Senate Amendments

Posted in European Union, Federal Trade Commission, Judicial Redress Act, Legislation, Privacy Shield, Safe Harbor, Umbrella Agreement, Uncategorized

The amended Judicial Redress Act has passed the House and is on its way to the president to be signed into law.  The Act, which we covered in an earlier blog post, gives citizens  of foreign countries the same rights as US citizens in connection with the use by the US government of their personal data,… Continue Reading

Amended version of Judicial Redress Act passes the Senate; now goes back to the House

Posted in European Union, Judicial Redress Act, Privacy Shield, Safe Harbor, Umbrella Agreement

The US Senate passed the amended version of the Judicial Redress Act on February 9.  The amendments, which tie the Umbrella Agreement to Safe Harbor 2.0 (now dubbed the US-EU “Privacy Shield”), now go back to the House for approval.  We discussed the amendments in an earlier blog looking at the intersection of security-related and commercial… Continue Reading

Will free apps soon be dead in Europe?

Posted in EU Data Protection Regulation, European Union, Mobile Privacy, Online Advertising, Social Media, Uncategorized

As we’ve discussed previously, the GDPR significantly limits user consent as a basis for processing personal data.  One interesting question is whether the new rules on consent will kill free apps in Europe.  Free apps typically involve the offer of a service (the app) in exchange for access to personal data (whatever data the app… Continue Reading

Commission Press Release and FTC Fact Sheet outlines the new EU-US “Privacy Shield”

Posted in European Court of Justice, European Union, Privacy Regulation, Privacy Shield, Safe Harbor

Update: The US Commerce Department has released a “fact sheet” on the new Privacy Shield agreement.   The European Commission has issued a press release that gives an outline of some key changes to the EU-US safe harbor, now dubbed the “Privacy Shield.”  The new accord still needs to be reviewed by the Article 29 Working… Continue Reading

Political Agreement Reached on US-EU Safe Harbor; Details “Hazy”

Posted in EU Data Protection Regulation, European Court of Justice, European Union, Safe Harbor

According to press reports, European Union and U.S. negotiators in Brussels finalized what is being called a “political agreement” on a new Safe Harbor transatlantic data transfer agreement. European Union justice commissioner Vera Jourová will present the agreement to the European Commission’s 28 commissioners today.

EU update: Safe Harbor 2.0 deadline passes without agreement; Art. 29 WP views on BCRs and model clauses expected tomorrow

Posted in European Union, Safe Harbor

No news is not good news this time.  The January 31 deadline for getting a new Safe Harbor Agreement in place came and went last weekend.  Commissioner Jourova, who is leading the Safe Harbor 2.0 negotiations for the EU, reported on the negotiation’s status last evening to LIBE, the European Parliament committee that oversees privacy… Continue Reading

Running Aground in the Surveillance Safe Harbor – Podcast Available

Posted in EU Data Protection Regulation, European Court of Justice, European Union, Federal Trade Commission, Privacy Regulation, Safe Harbor

If you would like to learn more about the politics and law behind the current Safe Harbor 2.0 negotiations, download the podcast of Running Aground in the Surveillance Safe Harbor, a teleforum hosted by the Federalist Society.  The podcast features moderator Matthew R.A. Heiman, Vice President, Chief Compliance & Audit Officer, Tyco International; Stewart A. Baker, Partner, Steptoe &… Continue Reading

Tying it all together: Safe Harbor and Security-Related Data Flows

Posted in EU Data Protection Regulation, European Court of Justice, European Union, Federal Trade Commission, Safe Harbor

One of the fascinating aspects of the privacy-related negotiations between the EU and the US over the past couple of years has been the EU’s efforts to decouple trade (e.g, TTIP) and security-related negotiations from the Safe Harbor 2.0 negotiations. The US Senate’s Judiciary Committee pushed back firmly on that yesterday when it adopted amendments… Continue Reading

(So) What if there’s no Safe Harbor 2.0?

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, EDPS, Employee Privacy, EU Data Protection Regulation, European Court of Justice, European Union, Federal Trade Commission, Legislation, Privacy Regulation, Safe Harbor

There’s no doubt businesses in the EU and US would breathe a sigh of relief if a new Safe Harbor agreement is put in place between before European data protection authorities start prosecuting companies for potentially illegal personal data transfers to the US.  But if it doesn’t happen, the US is actually not any worse… Continue Reading

The Exception that Proves the Rule? European Court of Human Rights Okays Employer’s Access to Personal Communications of Employee In (Highly) Limited Circumstances

Posted in Employee Privacy, European Union

The European Court of Human Rights recently ruled in Bărbulescu v. Romania (Application no. 61496/08) that a Romanian employer did not violate its employee’s fundamental right of privacy when the employer accessed personal messages in the employee’s Yahoo! Messenger account.  Numerous newspapers and other media sources quickly declared employee privacy dead as a result of… Continue Reading

The EU Commission’s spin on the new General Data Protection Regulation

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, EDPS, EU Data Protection Regulation, European Union, Events and Webinars, Safe Harbor, Uncategorized

The European Union Commission has issued a fact sheet on the new General Data Protection Regulation (final post-trilogue text available via Statewatch).  The Commission claims that the Regulation is good for individuals and good for business.  We’ll leave that to readers . . . and history . . . .to decide. As regulations go, the… Continue Reading

REMINDER: Webinar TOMORROW — Getting to Grips with the New EU General Data Protection Regulation: Key Changes and What You Need to Do to Prepare

Posted in EU Data Protection Regulation, European Union, Events and Webinars, Uncategorized

Don’t forget to join us tomorrow afternoon – Tuesday – at 1 PM ET for a webinar discussion on the New EU General Data Protection Regulation. What’s next? What are the key changes? What do you need to do to prepare? Registration is here.

Key EU Parliamentary Committee Votes to Adopt the General Data Protection Regulation

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, EDPS, Employee Privacy, EU Data Protection Regulation, European Union

As expected, the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (also known as LIBE) voted today to adopt the new General Data Protection Regulation (see the summary we provided yesterday here).  A LIBE press release announced the vote with the proclamation “New EU rules on data protection put the citizen back in the driving seat.”  The vote was… Continue Reading

The General Data Protection Regulation in Bullet Points

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, EDPS, Employee Privacy, EU Data Protection Regulation, European Union, Privacy Regulation, Safe Harbor, Security, Social Media

Updated at 8:50 pm GMT on 16 December 2015. The new General Data Protection Regulation is effectively a “done deal” following the final trilogue meeting on December 15.  One might assume based on UK media coverage that the biggest change in EU privacy law is that kids under 16 will need their parent’s consent to… Continue Reading

Privacy Monday: November 9, 2015 – EU/Safe Harbor Updates

Posted in Employee Privacy, European Court of Justice, European Union, Privacy Monday, Safe Harbor

And the days dwindle down, to a precious few … November … We are still following developments in the EU relating to the invalidation of the US-EU Safe Harbor Framework.   In case you were on a secluded island during the month of October, you can catch up here. European Commission Issues Communication.  On Friday, the… Continue Reading

EU Round-UP: Safe Harbor 2.0 and Upcoming National Challenges

Posted in EU Data Protection Regulation, European Court of Justice, European Union, Privacy Regulation, Safe Harbor

EU Commissioner Vera Jourova recently announced in a speech to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) that the Commission and the US have made substantial progress in finalizing a new Safe Harbor program. Jourova noted that the collection and use of European personal data for US national security purposes… Continue Reading

More Dominos Fall on the Data Protection Table

Posted in EU Data Protection Regulation, European Court of Justice, European Union, Safe Harbor

As all of our readers know by now, as of October 6, the US-EU Safe Harbor Framework is no more.   Safe Harbor was the mechanism on which thousands of US companies (and thousands of companies based in the European Union) legitimized their data transfers from the EU to the US.  All the background, including links to a… Continue Reading

Irish High Court Quashes Irish Data Protection Commission Original Schrems’ Decision

Posted in EU Data Protection Regulation, European Court of Justice, European Union, Safe Harbor

The Irish High Court today has ordered the Irish Data Protection Commissioner (DPC) to investigate Facebook’s European data privacy practices, bringing Max Schrems’ three-year fight full circle.  The Court today quashed the original DPC refusal to examine Schrems’ complaint that came back to the High Court after the referral to the European Court of Justice… Continue Reading

EU Data Protection Authorities Issue Joint Statement on Invalidation of Safe Harbor: Not Much Help Here

Posted in European Court of Justice, European Union, Safe Harbor

The so-called “Article 29 Working Party” of EU Data protection officials from the 28 EU member states today released a much-anticipated press release regarding the Court of Justice of the European Union (CJEU) landmark decision invalidating the US-EU Safe Harbor framework. US companies hoping for some guidance on managing cross-border data transfers will be sorely disappointed…. Continue Reading

EU Parliament Committee calls on the Commission for immediate action on US data transfers

Posted in Data Compliance & Security, EU Data Protection Regulation, European Court of Justice, European Union, Legislation, Safe Harbor, Social Media

The EU Parliament committee that is charged with considering data protection matters (LIBE) has issued a press release calling on the European Commission to take action before the end of 2015 to come up with alternatives to Safe Harbor.  Importantly, LIBE has also called on the Commission to reassess whether the European Court of Justice’s… Continue Reading