PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Schrems II: Reflections on the Decision and Next Steps

Schrems II - US Surveillance Law

Professor Paul Schwartz and I recently edited the Schrems II decision for our Information Privacy Law casebook.  Schrems II is short for Facebook Ireland Ltd. v. Maximillian Schrems — the second challenge by Maximillian Schrems to the transfer of data between the EU and US.  In Schrems I, the European Court of Justice (CJEU) invalidated the Safe […]

Read More…

Why I Love the GDPR: 10 Reasons

GDPR Love 01

I have a confession to make, one that is difficult to fess up to on the US side of the pond: I love the GDPR. There, I said it. . . In the United States, a common refrain about GDPR is that it is unreasonable, unworkable, an insane piece of legislation that doesn’t understand how […]

Read More…

GDPR Cartoon: Lawful Processing

Cartoon GDPR Lawful Processing

This cartoon focuses on the lawful processing requirement.  Under the EU’s General Data Protection Regulation G(DPR), the collection and processing of personal data must be for “specified, explicit and legitimate purposes.”   This is in contrast to the United States where the processing of personal information is permitted unless a law forbids it. Under the GDPR, […]

Read More…

Key EDPB (European Data Protection Board) Documents for GDPR

EU Article 29 Working Party GDPR Guidance

The EDPB (European Data Protection Board) was created by the EU Data Protection Directive in 1996.  Its purpose is to provide advice, opinions, and guidance about data protection.  The EDPB (European Data Protection Board) is composed of a representative from each EU member state. Below are some of the most important guidelines to be issued […]

Read More…

Key WP29 Documents for GDPR

EU Article 29 Working Party GDPR Guidance

The Article 29 Working Party was created by the EU Data Protection Directive in 1996.  Its purpose is to provide advice, opinions, and guidance about data protection.  The Article 29 Working Party is composed of a representative from each EU member state.  The General Data Protection Regulation (GDPR) will replace the Working Party with the […]

Read More…