PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Webinar – GDPR Enforcement: A Conversation with Max Schrems Blog

In case you missed my discussion with Max Schrems, you can watch the replay here.  We discussed cross-border data transfer, litigation challenges and strategies, and potential reforms of the GDPR enforcement process.

New Casebook – EU Data Protection and the GDPR

EU Data Protection and the GDPR Casebook

I’m pleased to announce that Paul Schwartz and I have launched a new casebook, EU Data Protection and the GDPR. Developed from the casebook Information Privacy Law, this paperback contains key cases and materials focusing on privacy issues related to the GDPR and data protection in the European Union. Topics covered include the GDPR, Schrems cases, […]

GDPR Training, Writings, and Resources: Roundup from the Past Year

General Data Protection Regulation - GDPR - Training Resources by Prof. Daniel Solove

The General Data Protection Regulation (GDPR) is one of the world’s strictest data privacy laws and requires privacy professionals around the globe to design and implement comprehensive compliance programs.  In the past year, I developed a series of resources and training courses to assist privacy professionals with this complex task.   GDPR Whiteboard 200+ pages of […]

The Hidden Force That Will Drive GDPR Privacy Compliance

GDPR Compliance

  The clock is ticking on getting ready to comply with the EU General Data Protection Regulation (GDPR). EU regulators will start enforcing it on May 25, 2018. GDPR is less than a year away, and it’s quite a challenge to get ready for. Becoming compliant is not something that can be achieved overnight, or in a […]

Privacy Shield Training

Privacy Shield Training Course

I have produced a new Privacy Shield training course that provides a short introduction to the EU-US Privacy Shield Framework.  Privacy Shield is an arrangement reached between the EU and US for companies to transfer data about EU citizens to the US.  Privacy Shield replaces the Safe Harbor Arrangement, which was invalidated in 2015 in […]

A New US-EU Safe Harbor Agreement Has Been Reached

EU-US Privacy Shield Safe Harbor Training

Last year, the death of the US-EU Safe Harbor Arrangement sent waves of shock and despair to the approximately 4500 companies that used this mechanism to transfer personal data from the US to the EU.  But a new day has dawned.

Blogging Highlights 2015: Privacy Issues

Privacy Training

I’ve been going through my blog posts from 2015 to find the ones I most want to highlight.  Here are some selected posts on privacy issues: I. PHILOSOPHICAL Privacy by Design: 4 Key Points What Is Privacy? II. PRIVACY LAW Why All Law Schools Should Teach Privacy Law — and Why Many Don’t

10 Implications of the New EU General Data Protection Regulation (GDPR)

EU GDPR Training General Data Protection Regulation

Last week, the EU issued the General Data Protection Regulation (GDPR), a long-awaited comprehensive privacy regulation that will govern all 28 EU member countries.  Clocking in at more than 200 pages, this is quite a document to digest.  According to the European Commission press release: “The regulation will establish one single set of rules which […]

The Growing Problems with the Sectoral Approach to Privacy Law

Sectoral Omnibus Privacy Regulation

By Daniel J. Solove The US regulates privacy with a sectoral approach, with laws that are directed only to specific industries.  In contrast, the EU and many other countries have an omnibus approach — one overarching law that regulates privacy consistently across all industries.  The US is an outlier from the way most countries regulate […]

Sunken Safe Harbor: 5 Implications of Schrems and US-EU Data Transfer

By Daniel J. Solove In a profound ruling with enormous implications,the European Court of Justice (ECJ) has declared the Safe Harbor Arrangement to be invalid. [Press Release]  [Opinion] The Safe Harbor Arrangement The Safe Harbor Arrangement has been in place since 2000, and it is a central means by which data about EU citizens can […]