The World Bank Group (the Bank) published a joint Sanctions System Annual Report for fiscal year 2019 on October 10. This report, which reflects on the Sanctions System’s growth since its implementation twenty years ago, provides an overview of activities undertaken by the Bank’s Integrity Vice Presidency (INT), Office of Suspension and Debarment (OSD), and

Yesterday, the European Commission (EC) adopted its long-awaited decision endorsing the EU-US privacy shield. This is the latest milestone in restoring a stable legal basis for transatlantic flows of personal data, since the Court of Justice of the EU annulled the EU-US Safe Harbor program in its judgment in the Schrems case in October 2015.
Continue Reading European Commission Endorses EU-US “Privacy Shield”

Last month, Turkey’s new “Law on the Protection of Personal Data” entered into force.  It provides a framework similar to the European Union’s data protection regime.  The law applies to personal data processed “wholly or partly by automatic means” and to non-automatic processing of personal data “which form part of a filing system.”  The law also requires the establishment of a Data Protection Authority and a Data Protection Board by October 7, 2016 to oversee its provisions, including establishing and maintaining a registry of active data controllers, which must register with the Board.

The law defines “personal data” as any information relating to an identified or identifiable living individual.  It defines “sensitive data” (on which additional processing obligations are imposed) as information that reveals racial or ethnic origin; political opinions; religious or philosophical beliefs; appearance; memberships in unions, associations or foundations; as well as information about health, sexual life, criminal records, punitive measures, and biometric and genetic data.
Continue Reading Turkey Enacts Data Protection Law

On April 29, 2016 the Canadian Supreme Court ruled that the Ontario Superior Court of Justice could not compel the World Bank to produce records or require its personnel to testify in court. The case, World Bank Group v. Wallace, challenged the immunities granted to the Bank that cover its archives and employees. Over

In 2015, enforcement of the Foreign Corrupt Practices Act (FCPA) continued to evolve as US government agencies focused their investigations and other countries ramped up their own involvement. While enforcement statistics and monetary penalties remained steady, or even lower than previous years, 2015 trends pointed towards a more complex compliance environment going forward, with increasing

On the October 2 episode of the Steptoe Cyberlaw Podcast, Maury Shenk and Stewart Baker discussed the implications of a highly influential advisor to the European Court of Justice (ECJ) criticizing the “Safe Harbor” agreement between the European Union and the United States that allows companies to transfer data between both regions,