DBR ON DATA

Security, Privacy and Information Governance

Author: Peter Blenkinsop

Irish High Court Refers Future of EU Model Clauses to CJEU

Share

On October 3, 2017, the Irish High Court referred Data Protection Commissioner v. Facebook Ireland Limited & Maximilian Schrems to the Court of Justice of the European Union (CJEU), where the future of standard contractual clauses (SCCs) will be decided (here).

In December 2015—following the CJEU’s landmark decision in Maximillian Schrems v. Data Protection Commissioner invalidating the U.S.-EU Safe Harbor framework—Schrems amended his original complaint to the Irish Data Protection Commissioner (DPC), challenging the validity of data transfers to the U.S. based on the European Commission approved SCCs (available here).  Based on the CJEU’s Schrems decision, the Irish DPC petitioned the Irish High Court asking to refer the matter to the CJEU for ruling on the question of whether the European Commission’s SCC decisions are valid under European law.  Specifically, the Data Protection Commissioner questioned whether there is an effective remedy under U.S. law compatible with the requirements of Article 47 of the EU Charter of Fundamental Rights for an EU citizen whose data is transferred to the U.S., where such data is subject to electronic surveillance by U.S. agencies for national security purposes. EU  citizens  have  a  right  guaranteed  by  Article  47  of  the  Charter  to  an  effective remedy before an independent tribunal if their rights or freedoms are violated. These include the rights under Articles 7 and 8 to respect for private and family life and protection of personal data.

Continue reading

Webinar Series: Preparing for the General Data Protection Regulation (GDPR)

Share

The new General Data Protection Regulation (GDPR) is the EU’s most important change in data privacy regulation in 20 years, replacing the 1995 Data Protection Directive.

In our ongoing series of GDPR-focused webinars, we guide attendees through the (GDPR) provisions, which will take effect on May 25, 2018 for all companies conducting business with EU citizens.

With the deadline for compliance quickly approaching, these sessions provide practical, detailed advice on preparations, as well as developments related to GDPR compliance preparations. We have included links to each of these sessions and a summary of what was covered below.

Continue reading

© 2018 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy