Schrems v. Data Protection Commissioner

Latest in Schrems v. Data Protection Commissioner


Essentially Equivalent: A Comparison of the Legal Orders for Privacy and Data Protection in the E.U. and U.S.

Sidley Austin has released Essentially Equivalent: A Comparison of the Legal Orders for Privacy and Data Protection in the European Union and United States. The report—authored by a transatlantic team of attorneys and addressed to senior European officials and policymakers—provides a substantive roadmap for the comparative analysis of United States and E.U.


EU Commission Press Release on New EU-US Privacy Shield

U.S. and European Union data-regulators today reached a new legal framework that will govern the transfer of data across the Atlantic. The new agreement—called the E.U.-U.S. Privacy Shield—will replace the Safe Harbor agreement that was struck down by the European high court in October. That ruling, largely informed by news reports regarding U.S. surveillance practices, claimed that the United States did not adequately protect the privacy of Europeans. Even so, European and American negotiators appeared positive today that the new agreement will withstand court scrutiny.

Schrems v. Data Protection Commissioner

Explaining U.S. Surveillance Law Protections for an EU Audience

In October, the European Court of Justice and its Advocate General struck down as unlawful the EU/US Safe Harbor, which since 2000 has been a major way that US-based businesses could comply with the relatively strict EU privacy laws. Concerns about the weak protections in the US surveillance system were a major basis for striking down the Safe Harbor.

Safe Harbor

Final Thoughts on Reforming Surveillance and European Privacy Rules

Although it is a close call, the decision of the Court of Justice of the European Union (CJEU) in Schrems v. Data Protection Commissioner may turn out to be the most important consequence of the Snowden revelations. The CJEU invoked fears of NSA surveillance to strike down the safe harbor agreement that makes it easy for American companies to transfer personal information of Europeans to the United States.


U.S. Law Students' Chance to Shape Privacy Law and Expose European Hypocrisy

Many of us on this side of the Atlantic have believed for a long time that citizens’ data is protected as well or better from government access in the United States than it is in Europe, notwithstanding the extraordinary and emotional contrary narrative spurred by the Snowden revelations. Europeans nevertheless continue to challenge U.S. procedures for protecting information. In at least one respect, their position has merit: European citizens have heretofore had no standing to challenge alleged abuse of their data in this country. It appears that may be about to change.


More on Standing As a Barrier to Surveillance Challenges: Bug or Feature?

As I explained in my last post, American constitutional law requires that plaintiffs show they have been the subject of surveillance in order to establish standing to challenge intelligence programs in court. The intelligence community sees a narrow standing requirement of Article III as a feature of the United States Constitution. Human rights lawyers regard it as a bug.

The Cyberlaw Podcast

Steptoe Cyberlaw Podcast, Episode #85: An Interview with General Michael Hayden

Want to see cyber attribution and deterrence in action? In August, a hacker pulled the names of US military personnel and others out of a corporate network and passed them to ISIL. British jihadist Junaid Hussain exulted when ISIL released the names. “They have us on their ‘hit list,’ and we have them on ours too…,” he tweeted. On the whole, I’d rather be on theirs.


A Safe Harbor Briefing from Giovanni Buttarelli

Yesterday, DataGuidance and Sidley Austin LLP hosted a live Q&A wilth Giovanni Buttarelli, the European Data Protection Supervisor (EDPS), to discuss the state of play following the European Court of Justice's decision in Schrems v. Data Protection Commissioner, which effectively invalidated the Safe Harbor framework.

Mr. Buttarelli outlines how the situation is being resolved and what practical options companies can consider in the wake of the decision.


Redress for NSA Surveillance: The Devil Is in the Details

For years, European officials have been asking for the United States to make available to citizens of the European Union some form of redress for privacy harms. To address this concern, one idea has been to amend the Privacy Act to allow foreign citizens the right to challenge how the US government handles their data. Officials in the US and Europe share an interest in pretending this proposal would do something for EU citizens who fear surveillance by the NSA. We should drop the pretense: the Privacy Act does nothing to provide meaningful redress for NSA targets.

Subscribe to Lawfare