Professor Paul Schwartz and I recently edited the Schrems II decision for our Information Privacy Law casebook. Schrems II is short for Facebook Ireland Ltd. v. Maximillian Schrems — the second challenge by Maximillian Schrems to the transfer of data between the EU and US. In Schrems I, the European Court of Justice (CJEU) invalidated the Safe […]
Category: European Union Privacy
Posts about European Union Privacy by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Video: Schrems II Initial Reactions with Daniel Solove, Justin Antonipillai, Gabriela Zanfir-Fortuna, Jocelyn Aqua, Ralf Sauer, and Bob Litt
Yesterday, the European Court of Justice issued its decision in Facebook Ireland v. Schrems, a case known as Schrems II. The court’s opinion sent shock waves throughout the privacy world. I had a terrific discussion with Justin Antonipillai (Wirewheel), Gabriela Zanfir-Fortuna (Future of Privacy Forum), Ralf Sauer (European Commission), Jocelyn Aqua (PwC) and Bob […]
Video: Schrems II Initial Reactions with Daniel Solove, Justin Antonipillai, Gabriela Zanfir-Fortuna, Ralf Sauer, and Bob Litt
The European Court of Justice just issued its decision in Facebook Ireland v. Schrems, and the court’s opinion sent shock waves throughout the privacy world. I had a terrific discussion with Justin Antonipillai (Wirewheel), Gabriela Zanfir-Fortuna (Future of Privacy Forum), Ralf Sauer (European Commission), and Bob Litt (Morrison & Foerster, former General Counsel for the […]
A Quick Synopsis of Schrems I and Schrems II
My quick synopsis of Schrems I and Schrems II.
The Schrems II Decision
The European Court of Justice has finally issued its decision in Facebook Ireland Ltd. v. Maximillian Schrems — otherwise known as Schrems II. The full text of the Schrems II opinion is here. The result: The US-EU Privacy Shield Framework is invalid. The Standard Contractual Clauses are valid. Ultimately, this means that it is still […]
Cartoon: GDPR Lawful Basis
This cartoon is about the GDPR’s lawful basis requirement to process personal data. One of the biggest differences between U.S. and EU privacy law is that in the U.S., organizations can collect and use personal data in nearly any way they choose as long as they state what they are doing in their privacy notice […]
Profiling and the GDPR: An interview with Mark Singer and Raf Sanchez
I had the opportunity to interview Mark Singer and Raf Sanchez, both at Beazley, about the issue of profiling and the GDPR. Mark Singer is a member of the Cyber & Executive Risk Group at Beazley. Mark handles insurance coverage issues arising out of cybersecurity, technology errors and omissions, data privacy, intellectual property, media and advertising liabilities. Raf […]
Cartoon: GDPR Data Portability
This cartoon is about the GDPR’s right to data portability under Article 20. This right allows data subjects to take their data from one organization and transfer it easily to other organizations. Pursuant to the GDPR Article 20: 1. The data subject shall have the right to receive the personal data concerning him or her, […]
Cartoon: GDPR Superhero
For global organizations as well as organizations in the EU, the GDPR has brought significant attention and resources to privacy. Finally, many executives are beginning to take privacy seriously. As I recently wrote in my article, Prime Time for Privacy, at Bloomberg Law: The GDPR has taken privacy to the next level. Before the GDPR, nothing […]
Cartoon: GDPR Change in Privacy Notices
In the past few weeks, with enforcement of the General Data Protection Regulation (GDPR) beginning on May 25, countless organizations launched emails and pop up notices about changes in their privacy notices in light of GDPR. This cartoon pokes a little fun at the blizzard of changed privacy notice notices.