On July 16, the Court of Justice of the European Union struck down the EU-U.S. Privacy Shield in the ‘Schrems 2.0’ Case (Facebook Ireland and Schrems (Case C-311/18)). In an article for the International Association of Privacy Professionals, Alston & Bird Senior Counsel Peter Swire analyzes the decision and discusses potential implications, including those relating […]
International
Schrems 2.0: CJEU invalidates EU-US Privacy Shield and emphasizes exporter obligations when using Standard Contractual Clauses
Executive Summary Today, the Court of Justice of the European Union (‘CJEU’) handed down its long-awaited judgment in the ‘Schrems 2.0’ case (Facebook Ireland and Schrems (Case C-311/18)), about the validity of two means of legitimizing transfers of personal data outside the EEA under the EU General Data Protection Regulation (‘GDPR’)[1]. In somewhat of a […]
Japan’s Personal Information Protection Committee releases guidance on contact tracing mobile apps to combat COVID-19
On May 1, the Personal Information Protection Committee in Japan (PPC) released guidance on the use of contact tracing mobile apps (Apps) as one of the mechanisms to combat the spread of COVID-19 and highlighted five essential consideration points. Specifically, the PPC recommends that all “personal information handling business operators” carefully consider, and disclose their […]
Location and Mobile Data in the Fight against COVID-19 – An Overview of U.S. and Global Efforts
Governments are increasingly seeking to leverage consumer geolocation and other mobile device data to assist with fighting the spread of COVID-19, as cases continue to mount globally. Location data can be of significant value to public health models, such as models that determine areas where social-distancing measures are needed or test whether such measures are […]
Wim Nauwelaerts Authors Summary of EDPB’s Guidelines of the GDPR
Wim Nauwelaerts, Brussels partner and leader of the firm’s EU Privacy and Data Protection practice, has authored a summary of the European Data Protection Board’s (EDPB) guidelines on the territorial scope of the GDPR. On November 12, 2019, the EDPB adopted the final version of its guidelines – almost one year after they had been […]