Posts about European Union Privacy by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
I recently had a terrific discussion with Prof. Nikolaus Forgó from the University of Vienna. We talked about my two recent paper — on informed consent and on sensitive data. You can watch the interview on YouTube above. Both articles are available for free download below.
If you couldn’t make my webinar to discuss cross-border data transfers, you can watch the replay here. Justin Antonipillai of Wirewheel, Josh Harris of BBB National Programs and I discussed the new framework between the US and the EU for cross-border data transfers as well as the CBPRs. We also discussed steps that companies […]
I’m pleased to announce that Paul Schwartz and I have launched a new casebook, EU Data Protection and the GDPR. Developed from the casebook Information Privacy Law, this paperback contains key cases and materials focusing on privacy issues related to the GDPR and data protection in the European Union. Topics covered include the GDPR, Schrems cases, […]
I am excited to announce a new GDPR training course — the General Data Protection Regulation (GDPR) — extensive version (20 mins). My existing course is a shorter 7 min introduction; this new 20-min course provides a more detailed overview of the GDPR. If you’re interested in evaluating the new 20-min GDPR course (or the […]
In this video, I discuss the aftermath of Schrems II with Justin Antonipillai (Wirewheel) and Peter Swire (Georgia Tech and Alston & Bird). Peter Swire’s new Lawfare piece on how to address the individual redress issue is After Schrems II: A Proposal to Meet the Individual Redress Challenge.
In Facebook Ireland Ltd. v. Maximillian Schrems (Schrems II) (July 16, 2020), the European Court of Justice (CJEU) invalidated the Privacy Shield, a widely-used method to transfer personal data from the EU to the US. The decision also put other data transfer mechanisms—Standard Contractual Clauses (SCC) and Binding Corporate Rules (BCRs)—into significant doubt. The court’s concern was the deficiency of […]
Professor Paul Schwartz and I recently edited the Schrems II decision for our Information Privacy Law casebook. Schrems II is short for Facebook Ireland Ltd. v. Maximillian Schrems — the second challenge by Maximillian Schrems to the transfer of data between the EU and US. In Schrems I, the European Court of Justice (CJEU) invalidated the Safe […]
Yesterday, the European Court of Justice issued its decision in Facebook Ireland v. Schrems, a case known as Schrems II. The court’s opinion sent shock waves throughout the privacy world. I had a terrific discussion with Justin Antonipillai (Wirewheel), Gabriela Zanfir-Fortuna (Future of Privacy Forum), Ralf Sauer (European Commission), Jocelyn Aqua (PwC) and Bob […]
My quick synopsis of Schrems I and Schrems II.
The European Court of Justice has finally issued its decision in Facebook Ireland Ltd. v. Maximillian Schrems — otherwise known as Schrems II. The full text of the Schrems II opinion is here. The result: The US-EU Privacy Shield Framework is invalid. The Standard Contractual Clauses are valid. Ultimately, this means that it is still […]