EU E-Privacy Directive

On July 10, 2023, the European Commission adopted its long-awaited adequacy decision on the EU-U.S. Data Privacy Framework (the “Framework”) thereby concluding that the United States ensures an adequate level of protection for personal data that are transferred from the European Union to companies in the U.S. that participate in the Framework.

The

Data typically is needed to train and fine-tune modern artificial intelligence models. AI can use data – including personal information – to recognize patterns and predict results.

Companies that utilize personal information to train an AI may either be acting as a controller or a processor depending on the degree of discretion that they exercise

All contracts that used the traditional Standard Contractual Clauses must be updated and repapered by 27 December 2022. To help companies comply with the deadline, Greenberg Traurig’s Data Privacy & Cybersecurity Group has compiled a 90-page guide explaining how to apply the new Standard Contractual Clauses in over 40 different transfer scenarios – ranging from

On Oct. 18, 2022, the UK Information Commissioner’s Office (ICO) updated its “Guidance on Direct Marketing Using Electronic Mail,” providing refreshed FAQs regarding what constitutes electronic mail marketing, related rules and responsibilities, and miscellaneous clarifications to compliance questions such as “are tracking pixels covered by the electronic mail marketing rules?” (Short answer: technically no, but

The long-awaited UK data transfer mechanism has been published by the Information Commissioner’s Office (ICO), resolving the question of how international transfers of personal data from the UK will be handled post-Brexit. As a refresher, the European Commission published four new versions of the EU standard contractual clauses (SCCs) in June 2021. However, these new

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Controller (EEA)→ Controller (EEA)→ Branch Office (US)
  • Background. Company B is a European entity, that has a branch office in the United States (which is not a separate legal entity). While data

On 04 June 2021, the EU Commission adopted two new sets of standard contractual clauses (SCC): one set for the transfer of personal data from the EU to third countries (Cross-Border SCC) and another set addressing certain clauses in controller-processor data processing agreements (DPA-SCC). The adoption was made some seven months after initial drafts

On Wednesday, May 12, 12:00 – 1:00 p.m. ET, join GT for a webinar on the current state of the law in the United States and Europe when it comes to the use of cookies, pixels, scripts, and other tracking technologies online.

New laws, including the California Consumer Privacy Act (CCPA), the California Privacy

After more than four years of negotiations, the Regulation on Privacy and Electronic Communications (ePrivacy Regulation), which will replace the ePrivacy Directive (2002/58/EC), appears to be at a turning point. On Feb. 10, 2021, the Council of the European Union announced it has adopted a consolidated version (the “Council’s Position”) which will be the basis

We have a deal! After several months of negotiations, on 24 December 2020, the EU and the UK announced that they have finally agreed on an agreement regulating trade and cooperation between the UK and the remaining 27 member states after 31 December 2020 (Trade Agreement). From a data protection perspective, this is welcome news