EU-US Privacy Shield: Legal Certainty for US Companies

A new data privacy protection agreement has been tentatively reached between the U.S. and the EU. This new agreement to be called the “EU-US Privacy Shield” replaces the 15-year-old EU-US Safe Harbor Program that US companies have relied on to ensure legal certainty when personal data from the EU to the US. The EU-US Safe […]

Facebook Page Administrators Faced with the Floodgate of Liability

The powerful nature of the GDPR has instilled fear among businesses across the globe. As most companies rush toward compliance, some try to hide behind others. Just weeks after the GDPR came into effect, the European Court of Justice (ECJ) decided a case that made clear that businesses cannot avoid liability by hiding behind other […]

GDPR: What to do in a “No Deal” Brexit Scenario?

What to do in a No-Deal-Brexit Scenario What happens to your GDPR Compliance Program in the event that the UK leaves the EU without striking an agreement with the EU.   Here is a summary of actions you will likely need to take, followed by a more detailed explanation.  Revise your standard contractual clauses for transfers […]

Email Marketing Post-GDPR: Untangling Recital 47 in the Pre-ePR Era

On May 25th, 2018, EU lawmakers unleashed the GDPR—a new privacy law capable of delivering a financial blow to businesses across the globe, not just in Europe. The data which drives email marketing programs must be processed and stored in accordance with the GDPR. Recital 47 of the GDPR states: “The processing of personal data […]

Japan and the EU Strike Secure Data Flow Agreement

As the trade tensions rise between the United States and China, Japan and the EU signed a “reciprocal adequacy agreement” that recognizes each other’s data protection regimes as equivalent, which will allow personal data to flow safely between them, creating the world’s largest region of secure data flows. Why is this agreement so important? Cross-border […]

GDPR versus Direct Marketing: Re-consenting for Marketing Data?

As the new sheriff in town, the GDPR casts a dark shadow over businesses processing direct marketing data. The regulation has companies wondering if they must obtain new consents for their entire marketing database. The answer is, “it depends.” This problem arises from Recital 171 of the GDPR which states: “Where processing is based on […]

Skip to content