Archives: Data Privacy

Subscribe to Data Privacy RSS Feed

Three Recent Cybersecurity and Information Systems Management Rules Impact Government Contractors

In the past two months, the federal government has issued several cybersecurity-related regulations that are or will be directly or indirectly applicable to a wide variety of federal contractors and subcontractors.  Additional rules (including a blanket FAR provision) are expected, but the three rules below present an interrelated set of requirements and standards that federal … Continue Reading

European Commission Endorses EU-US “Privacy Shield”

Yesterday, the European Commission (EC) adopted its long-awaited decision endorsing the EU-US privacy shield. This is the latest milestone in restoring a stable legal basis for transatlantic flows of personal data, since the Court of Justice of the EU annulled the EU-US Safe Harbor program in its judgment in the Schrems case in October 2015.… Continue Reading

Turkey Enacts Data Protection Law

Last month, Turkey’s new “Law on the Protection of Personal Data” entered into force.  It provides a framework similar to the European Union’s data protection regime.  The law applies to personal data processed “wholly or partly by automatic means” and to non-automatic processing of personal data “which form part of a filing system.”  The law … Continue Reading

EU and US Propose “Privacy Shield” for Data Transfer

The proposed new “Privacy Shield” agreement for data transfer from the European Union to the US was released on February 29, 2016 by the European Commission and the US Department of Commerce. The new agreement aims to replace the invalidated Safe Harbor agreement (as previously discussed here, here and here) but will not take effect until the … Continue Reading

More on the ECJ “Safe Harbor” Decision

Following up on our earlier post, see Steptoe’s Cybersecurity Advisory for more details regarding the European Court of Justice decision on the EU-US “Safe Harbor” agreement. This Cybersecurity Advisory was authored by Stewart Baker, a partner in Steptoe’s Washington office; Michael Vatis, a partner in Steptoe’s New York office; and Maury Shenk, an advisor to Steptoe’s London office … Continue Reading

European Court Invalidates Safe Harbor Program

The US-EU Safe Harbor was invalidated by the European Court of Justice (ECJ) yesterday in Schrems v. Data Protection Commissioner, meaning that the Safe Harbor no longer provides a legal basis for transfers of personal information from the EU to the United States.  Companies that have relied on the Safe Harbor to justify the transfer of personal … Continue Reading

Maury Shenk and Stewart Baker Discuss the EU-US Safe Harbor Data Privacy Agreement on the Steptoe Cyberlaw Podcast

On the October 2 episode of the Steptoe Cyberlaw Podcast, Maury Shenk and Stewart Baker discussed the implications of a highly influential advisor to the European Court of Justice (ECJ) criticizing the “Safe Harbor” agreement between the European Union and the United States that allows companies to transfer data between both regions, subject to certain safeguards.  The ECJ … Continue Reading