schrems

In this episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal of Crawford & Company talk with dr. Laura Drechsler, Research Fellow at the Centre for IT and IP Law (CITIP) at the Catholic University of Louvain, Belgium. They discuss Laura's work on cross-border data transfers, comparing the decisions of the European courts and the guidance of the data protection authorities with the adequacy decisions that have been published by the European Commission. It is clear there is still a lot to learn from the past on how to do adequacy and other data transfers right.

As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy @trustArc and email podcast@seriousprivacy.eu. Please do like and write comments on your favorite podcast app so other professionals can find us easier. 

If you have comments or questions, find us on LinkedIn, Twitter/Mastodon @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us!

Proudly sponsored by TrustArc. Learn more about the TRUSTe Data Privacy Framework verification. upcoming webinars.

#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

On 13 December 2022, the European Commission published the long-awaited draft adequacy decision for the EU-U.S. Data Privacy Framework, among podcast listeners also known as the Thingy. In this episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal of Outschool talk about the adequacy decision, and what they consider is missing from it. 

Resources:

• Draft Adequacy Decision
• IAPP Privacy Shield - DPF comparison
• ODNI Redress Process
• Executive Order 14086
• OECD Policy Framework on Digital Security 

As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy @trustArc and email seriousprivacy@trustarc.com. Please do like and write comments on your favorite podcast act so other professionals can find us easier. 

If you have comments or questions, find us on LinkedIn, Twitter/Mastodon @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us!

Proudly sponsored by TrustArc. Learn more about the TRUSTe Data Privacy Framework verification. upcoming webinars.

#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

On this week's episode  of #SeriousPrivacy, Paul Breitbarth and K Royal discuss the new Standard Contractual Clauses (SCCs) for international transfers that were adopted by the European Commission on 4 June 2021. These model contracts, that come in four modules, finally replace the old SCCs, some of which date back to the early 2000s. The modernised versions are fully GDPR compliant, embrace the accountability principle and include many requirements to address the limitations set by the Schrems II decision.

Listen to the conversation to get a better understanding of what the new SCCs entail and how they can (and cannot) be used by organisations. You will hear more about why some non-European companies will not have to use SCCs going forward, but also on the assessments that you will need to undertake. 

Since recording the episode, the timelines for the Transfer SCCs have become clear too:
27 June 2021 - the new SCCs become applicable
27 Sept 2021 - the old SCCs become invalid for new contracts
27 Dec 2022 - all SCC-based contracts will need to be updated

Resources

• TrustArc blog introducing the new SCCs
• TrustArc microsite with all international transfer related information 

As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. 

If you have comments or questions, find us on LinkedIn, Twitter/Mastodon @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us!

Proudly sponsored by TrustArc. Learn more about the TRUSTe Data Privacy Framework verification. upcoming webinars.

#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

La Commissione Europea ha pubblicato le nuove Clausole Contrattuali Standard (CCS) sui trasferimenti di dati personali che hanno implicazioni rilevanti e introducono nuovi obblighi sostanziali.

In questo podcast, Giulio Coraggio, partner dello studio legale DLA Piper, spiega cosa cambia con le nuove SCC sui trasferimenti di dati personali al di fuori del SEE e come le aziende dovrebbero prepararsi alla loro adozione.

Potete trovare la trascrizione del podcast a questo LINK e potete iscrivervi alla nostra newsletter settimanale "Innovation Law Insights", scrivendo a eventi@dlapiper.com
***
Diritto al Digitale è gestito dai professionisti del dipartimento di Intellectual Property & Technology dello studio legale DLA Piper (https://www.dlapiper.com).

Potete seguirci sul nostro blog (http://dirittoaldigitale.com/) e su LinkedIn (https://www.linkedin.com/company/dirittoaldigitale/). 

Il coordinatore del dipartimento è l’Avv. Giulio Coraggio (https://www.dlapiper.com/it/italy/people/c/coraggio-giulio/) che potete seguire anche su LinkedIn (https://www.linkedin.com/in/giulio-coraggio/). 

Pierluigi Perri è professore di Information security, privacy and protection of special categories of data all'Università di Milano di cui è anche DPO. Quindi ha certamente una posizione privilegiata nel comprendere gli effetti della sentenza della Corte di Giustizia europea sul caso Schrems II relativo al trasferimento dei dati personali al di fuori dello Spazio economico europeo e di come le aziende stanno reagendo a questo cambiamento.

Ne ha discusso in questo podcast con Giulio Coraggio e Tommaso Ricci di DLA Piper con un approccio decisamente aperto e spontaneo, condito dalla sua simpatia che rende ogni discussione sempre molto piacevole.

La trascrizione del podcast è disponibile a questo LINK. Sulla sentenza Schrems II, è possibile leggere l’articolo “Avete una metodologia per valutare i trasferimenti di dati extra SEE dopo la sentenza Schrems II?” e potete ricevere la nostra newsletter settimanale, Innovation Law Insights, scrivendo a eventi@dlapiper.com 

I den anden af to podcasts om overførsel af personoplysninger til tredjelande fortæller Tina Brøgger Sørensen, specialist i persondata og partner i Kromann Reumert, og Ole Kjeldsen, Teknologi- og Sikkerhedsdirektør fra Microsoft, nærmere om, hvordan Schrems II-afgørelsen ændrer virksomheders praksis i forhold til tredjelandsoverførsler. Ole giver dig et indblik i Microsofts håndtering af Schrems II-afgørelsen, ligesom Tina og Ole giver deres anbefalinger til, hvordan virksomheder kan gribe den nye situation an, herunder om vigtigheden af at foretage risikovurderinger forud for overførslen af personoplysninger til et tredjeland.

Persondataspecialist Tina Brøgger Sørensen, partner i Kromann Reumert, fortæller dig i den første af to podcasts om overførsel af personoplysninger til tredjelande om de særlige betingelser, der gælder for lovligheden af sådan overførsel. Tina belyser i den forbindelse blandt andet, hvilken betydning EU-Domstolens afgørelse i den såkaldte Schrems II-sag har for virksomheders fremtidige håndtering og overførsel af personoplysninger til tredjelande. Tina har inviteret Ole Kjeldsen, Teknologi- og Sikkerhedsdirektør fra Microsoft, med i studiet, og i første podcast tager han hul på, hvordan Microsoft i praksis har håndteret de juridiske konsekvenser af Schrems II-afgørelsen.

In this episode, DLA Piper's Victoria Lee, Co-Chair of the firm's Global Technology Sector, talks with Andrew Serwin, US and Global Co-Chair of the firm's Data Protection, Privacy and Security Practice, about implications of Schrems II and other recent data privacy legislation, and how technology companies can navigate the ever-changing landscape of global privacy regulatory issues.

See omnystudio.com/listener for privacy information.

The Schrems II decision is a Serious Privacy topic. Privacy professionals in the EU and the US had the 16th of July marked on their calendars for a long time. Today was the day the Grand Chamber of the Court of Justice of the European Union would publish their verdict in the case between the Irish Data Protection Commissioner on the one hand, and Facebook and Max Schrems on the other. The Schrems-II case, as it is commonly known, has made as much of an impact as its predecessor did in 2015.

On Thursday morning, July 16, the Court invalidated the EU-US Privacy Shield, and seriously restricted the use of standard contractual clauses. Reason enough for a special Serious Privacy episode to discuss the case and what comes next.

Paul Breitbarth and K Royal talked briefly with Gabriela Zanfir-Fortuna of the Future of Privacy Forum and Sophie in ’t Veld, Dutch member of the European Parliament. We were looking for their reactions to the decision, their expectations, and their recommendations of what happens now. They did not disappoint in providing their insight. 

Join us as we have an open discussion with two preeminent privacy professionals to discuss a critical privacy event, that may have global consequences.TrustArc was prepared for any eventuality, and rest assured, we have you covered.

Links

• TrustArc - Privacy Shield Ruling Recap
• CJEU - Press Release 
• CJEU - Full Verdict 
• NOYB - CJEU Media Page 

If you have comments or questions, find us on LinkedIn, Twitter/Mastodon @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us!

Proudly sponsored by TrustArc. Learn more about the TRUSTe Data Privacy Framework verification. upcoming webinars.

#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO