Blog

A Busy—and Momentous—News Week at the Intersection of Privacy, National Security, and Data Flows

This was a busy week for those following developments in privacy and cross-border data flows! The European Commission released its highly anticipated draft adequacy decision on the EU-US Data Privacy Framework. The European Commission stated, “that the United States ensures an adequate level of protection for personal data transferred from the EU to US companies.” … Continue reading A Busy—and Momentous—News Week at the Intersection of Privacy, National Security, and Data Flows

Overview of Implementation Procedures for EO 14086

By: Alex Joel, Senior Project Director and Shanzay Pervaiz, Senior Researcher Submitting and Investigating Complaints under Executive Order 14086 As we laid out in What’s Next for the New Executive Order and the DPRC?, Executive Order 14086 assigns various tasks that must be completed within specified deadlines. One of those is for the Office of … Continue reading Overview of Implementation Procedures for EO 14086

Can a Federal District Court Review the Decisions of the New Data Protection Review Court?

By: Alex Joel, Senior Project Director, and Alexandra Cohen, Research Assistant When the Court of Justice of the European Union (CJEU) invalidated the European Commission’s adequacy decision for the EU-U.S. Privacy Shield framework, one ground for their decision was that, with regard to U.S. Government surveillance, “EU data subjects lack actionable judicial redress and, therefore, do not … Continue reading Can a Federal District Court Review the Decisions of the New Data Protection Review Court?

Data Localization and “Critical Personal Data” Under India’s Personal Data Protection Bill

On August 4th, 2022, the Indian Government withdrew the much debated Personal Data Protection Bill, 2019, after deliberating over it for more than two years and receiving comments from various experts and stakeholders across the country. Several recommendations were issued by the Joint Parliamentary Committee on the provisions of the Bill as well. Commentators have … Continue reading Data Localization and “Critical Personal Data” Under India’s Personal Data Protection Bill

What’s Next for the New Executive Order and the DPRC?

Now that the Executive Order (EO) and DOJ regulations on the EU-US Data Privacy Framework have been released, what do those instruments require the government to do next? There are a few components to think about. First, what is next for the conduct of signals intelligence (SIGINT), and second, what is next for redress? This … Continue reading What’s Next for the New Executive Order and the DPRC?

Will the TADPF Executive Order Hit the Target?

By: Alex Joel, Senior Project Director and Shanzay Pervaiz, Senior Researcher With the new executive order for the Trans-Atlantic Data Privacy Framework (TADPF) expected soon, now is a good time to revisit the goal that it is intended to achieve: satisfying the legal requirements set out by the Schrems II decision. These are typically thought of as … Continue reading Will the TADPF Executive Order Hit the Target?

A Reminder of Where We Are Now

Rumors are circulating that the Trans-Atlantic Data Privacy Framework executive order will be released as soon as October 3rd. This follows the Biden Administration's announcement of an agreement in principle this year in March. The highly anticipated order brings exciting news, and questions, about how the framework will satisfy European legal requirements. We want to … Continue reading A Reminder of Where We Are Now

A Comparison of the ADPPA and Privacy Shield

This year brought exciting developments to privacy. In March, the Biden Administration announced the Trans-Atlantic Data Privacy Framework (TADPF) to facilitate transatlantic data transfers following the invalidation of the EU-US Privacy Shield.  In June, the House Committee on Energy and Commerce introduced the American Data Privacy and Protection Act (ADPPA), a promising step toward federal … Continue reading A Comparison of the ADPPA and Privacy Shield

Blocking Meta in Ireland—Will It Happen?

Written in consultation with Gabriela Zanfir-Fortuna, Senior Advisor. The Irish Data Protection Commission (DPC) has reportedly transmitted a draft order to its European Union (EU) counterparts that would block Meta from transferring any personal data to the U.S. In the meantime, the U.S. government is continuing to work on issuing the executive order and regulations described … Continue reading Blocking Meta in Ireland—Will It Happen?