In a much anticipated judgment, the Irish High Court yesterday decided to ask the Court of Justice of the European Union (CJEU) to rule on the validity of Standard Contractual Clauses (SCCs).
Continue Reading Schrems II – Data transfers questioned again
The Data Protection Commissioner has been given the green light to investigate Max Schrems’ complaint against Facebook. The Office of the Data Protection Commissioner (ODPC) had initially refused to investigate the complaint based on a view that Commission Decision 2000/520/EC (the Safe Harbour Decision) was both valid and binding on the ODPC.
Continue Reading Data Protection Commissioner to investigate Schrems complaint
Model Contracts are standard contractual clauses for the transfer of personal data outside the EU/EEA which have been approved by the European Commission. They have been approved on the basis that they provide sufficient safeguards for privacy, fundamental rights and the exercise of those rights. To date two sets of standard contractual clauses for the transfer of personal data outside the EU/EEA from data controllers to data controllers and one set for transfers from data controllers to data processors have been approved by the Commission.
As has been reported widely in the world media, the Court of Justice of the European Union (CJEU) this week declared the EU-US Safe Harbour regime to be invalid. The decision has understandably given rise to a lot of concern among European businesses that transfer data to the US.
In this blog post, we seek to answer the main questions that are being asked following the CJEU ruling.
Continue Reading Data in Disarray: The Aftermath of the Safe Harbour Decision
The Advocate General, Yves Bot, of the Court of Justice of the European Union (CJEU) last week delivered his opinion in the Maximillian Schrems v Data Protection Commissioner Case, C‑362/14 (the Opinion). The Opinion, which is advisory in nature, recommends that the Safe Harbour programme be invalidated and that the Irish Data Protection Commissioner (the DPC) be empowered to carry out a full investigation as to the adequacy of protection afforded to the personal data of Facebook’s EU users.