Now that the Executive Order (EO) and DOJ regulations on the EU-US Data Privacy Framework have been released, what do those instruments require the government to do next? There are a few components to think about. First, what is next for the conduct of signals intelligence (SIGINT), and second, what is next for redress? This … Continue reading What’s Next for the New Executive Order and the DPRC?
By: Alex Joel, Senior Project Director and Shanzay Pervaiz, Senior Researcher With the new executive order for the Trans-Atlantic Data Privacy Framework (TADPF) expected soon, now is a good time to revisit the goal that it is intended to achieve: satisfying the legal requirements set out by the Schrems II decision. These are typically thought of as … Continue reading Will the TADPF Executive Order Hit the Target?
Rumors are circulating that the Trans-Atlantic Data Privacy Framework executive order will be released as soon as October 3rd. This follows the Biden Administration's announcement of an agreement in principle this year in March. The highly anticipated order brings exciting news, and questions, about how the framework will satisfy European legal requirements. We want to … Continue reading A Reminder of Where We Are Now
This year brought exciting developments to privacy. In March, the Biden Administration announced the Trans-Atlantic Data Privacy Framework (TADPF) to facilitate transatlantic data transfers following the invalidation of the EU-US Privacy Shield. In June, the House Committee on Energy and Commerce introduced the American Data Privacy and Protection Act (ADPPA), a promising step toward federal … Continue reading A Comparison of the ADPPA and Privacy Shield
By: Alex Joel, Senior Project Director and Shanzay Pervaiz, Senior Researcher, in consultation with Gabriela Zanfir-Fortuna, Senior Advisor In a previous post, Laila Abdelaziz outlined the path to an adequacy decision after the European Commission (EC) and the United States announce an agreement in principle. Almost two years after the Court of Justice of the … Continue reading Challenging the New Privacy Shield Framework: All Paths Lead to the CJEU
To understand how the Schrems II decision is affecting companies' operations, we analyzed annual 10-K reports. SEC rules require that 10-Ks provide detailed information on certain key topics, including “Risk Factors.” According to the SEC, under this topic heading a company will provide information "about the most significant risks that apply to the company or to its securities." First, we searched for 10-K … Continue reading Is the Schrems II ruling one of the “most significant risks” facing U.S. companies?
Recently, the Data Protection Conference of Germany requested Professor Stephen I. Vladeck to provide an expert opinion on the scope of FISA Section 702’s application. In particular, the Data Protection Conference seemed interested in FISA Section 702 having an extraterritorial application. In his testimony, Professor Vladek stated that if an EU company has a U.S. … Continue reading When Can a U.S. Court Exercise Jurisdiction Over a Non-U.S. Entity?