PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Webinar – GDPR Enforcement: A Conversation with Max Schrems Blog

In case you missed my discussion with Max Schrems, you can watch the replay here.  We discussed cross-border data transfer, litigation challenges and strategies, and potential reforms of the GDPR enforcement process.

New Casebook – EU Data Protection and the GDPR

EU Data Protection and the GDPR Casebook

I’m pleased to announce that Paul Schwartz and I have launched a new casebook, EU Data Protection and the GDPR. Developed from the casebook Information Privacy Law, this paperback contains key cases and materials focusing on privacy issues related to the GDPR and data protection in the European Union. Topics covered include the GDPR, Schrems cases, […]

Video – Privacy Conversations – Schrems II Aftermath with Justin Antonipillai and Peter Swire

  In this video, I discuss the aftermath of Schrems II with Justin Antonipillai (Wirewheel) and Peter Swire (Georgia Tech and Alston & Bird). Peter Swire’s new Lawfare piece on how to address the individual redress issue is After Schrems II: A Proposal to Meet the Individual Redress Challenge.

Schrems II: Reflections on the Decision and Next Steps

Schrems II - US Surveillance Law

Professor Paul Schwartz and I recently edited the Schrems II decision for our Information Privacy Law casebook.  Schrems II is short for Facebook Ireland Ltd. v. Maximillian Schrems — the second challenge by Maximillian Schrems to the transfer of data between the EU and US.  In Schrems I, the European Court of Justice (CJEU) invalidated the Safe […]

The Impact of the Schrems II Decision: An Interview with Wim Nauwelaerts

Schrems II

In Facebook Ireland Ltd. v. Maximillian Schrems (Schrems II) (July 16, 2020), the European Court of Justice (CJEU) invalidated the Privacy Shield, a widely-used method to transfer personal data from the EU to the US. The decision also put other data transfer mechanisms—Standard Contractual Clauses (SCC) and Binding Corporate Rules (BCRs)—into significant doubt. The court’s concern was the deficiency of […]

Video: Schrems II Initial Reactions with Daniel Solove, Justin Antonipillai, Gabriela Zanfir-Fortuna, Jocelyn Aqua, Ralf Sauer, and Bob Litt

  Yesterday, the European Court of Justice issued its decision in Facebook Ireland v. Schrems, a case known as Schrems II.  The court’s opinion sent shock waves throughout the privacy world.  I had a terrific discussion with Justin Antonipillai (Wirewheel), Gabriela Zanfir-Fortuna (Future of Privacy Forum), Ralf Sauer (European Commission), Jocelyn Aqua (PwC) and Bob […]

The Schrems II Decision

Privacy Shield

The European Court of Justice has finally issued its decision in Facebook Ireland Ltd. v. Maximillian Schrems — otherwise known as Schrems II. The full text of the Schrems II opinion is here. The result: The US-EU Privacy Shield Framework is invalid.  The Standard Contractual Clauses are valid.  Ultimately, this means that it is still […]

Video- Challenges of Privacy Notices, Schrems II, and Other Privacy Issues – A Conversation with Daniel Solove, Justin Antonipillai, and Andy Dale

Video Solove Antonipillai Dale

In this video, Daniel Solove (TeachPrivacy, GW Law), Justin Antonipillai (Wirewheel), and Andy Dale (Alyce) discuss the challenge of writing privacy notices, Schrems II, and other privacy issues.