Skip to content

Menu

LexBlog, Inc. logo
NetworkSub-MenuBrowse by SubjectBrowse by PublisherBrowse by ChannelAbout the NetworkJoin the NetworkProductsSub-MenuProducts OverviewBlog ProBlog PlusBlog PremierMicrositeSyndication PortalsAbout UsContactSubscribeSupport
Book a Demo
Search
Close

President Biden Signs Executive Order on U.S. Intelligence Activities to Implement EU-U.S. Data Privacy Framework

By Rajesh De, Marcus A. Christian, Veronica R. Glick, Arsen Kourinian, Stephen Lilley, Dominique Shelton Leipzig, David A. Simon, Howard W. Waltzman, Oliver Yaros, Ana Hadnes Bruder, Ellen Hepworth & Megan Von Borstel on October 10, 2022
Email this postTweet this postLike this postShare this post on LinkedIn

On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities,1 which is intended to implement U.S. commitments under the Trans-Atlantic Data Privacy Framework (DPF) announced in March 2022. With the new executive order, the Biden administration aims to strengthen the legal foundation for trans-Atlantic data flows following the 2020 Schrems II decision in which the Court of Justice of the European Union (CJEU) struck down the European Commission’s adequacy decision underlying the EU-U.S. Privacy Shield framework self-certification scheme. The executive order creates additional privacy and civil liberties safeguards for U.S. signals intelligence collection activities, as well as a new “Signals Intelligence Redress Mechanism,” which includes a new “Data Protection Review Court.” The European Commission is next expected to prepare a draft adequacy decision to adopt the DPF as a valid transfer mechanism for transfers of personal data from the European Union to the United States.

This Legal Update summarizes the key developments under the executive order, what will come next from the EU, and alternative bases for EU-U.S. data transfers while the EU evaluates the DPF as implemented through the executive order.

Continue reading.

Rajesh De

Raj De serves on Mayer Brown’s global Management Committee. He was previously the Managing Partner of Mayer Brown’s Washington DC office, which is comprised of more than two hundred lawyers. He leads the firm’s global Cybersecurity & Data Privacy practice, as well as…

Raj De serves on Mayer Brown’s global Management Committee. He was previously the Managing Partner of Mayer Brown’s Washington DC office, which is comprised of more than two hundred lawyers. He leads the firm’s global Cybersecurity & Data Privacy practice, as well as the firm’s National Security practice, and serves as a member of the firm’s Congressional Investigations & Crisis Management team. After nearly two decades in private practice and public service across all three branches of the United States government, Raj is one of the most trusted voices in Washington. He has held senior appointments in the White House, the Department of Justice (DOJ) and the Department of Defense (DOD). Raj returned to Mayer Brown in 2015 after serving as General Counsel at the United States National Security Agency (NSA). Since returning to the firm, Raj has received numerous recognitions, including by American Lawyer (“Lateral All-Star”), Washingtonian magazine (“Top Lawyer”), The National Law Journal (“Cybersecurity and Data Privacy Trailblazer”), and Cybersecurity Docket (“Incident Response 30”).

Raj focuses his practice on cutting-edge legal and policy issues at the nexus of technology, national security, law enforcement and privacy. He advises clients, including management teams and boards of directors, in connection with crisis management, government and internal investigations, high-stakes litigation, regulatory enforcement matters, and congressional inquiries. Raj provides clients with strategic counseling and practical legal advice, drawing upon a wealth of experience in government service and private practice.

Read Raj’s full bio.

Read more about Rajesh DeEmail
Show more Show less
Photo of Marcus A. Christian Marcus A. Christian

Marcus Christian is a co-leader of the Washington DC Litigation & Dispute Resolution practice and a partner in Mayer Brown’s Cybersecurity & Data Privacy practice and White Collar Defense & Compliance group. Since joining Mayer Brown in 2013, Marcus has represented clients in…

Marcus Christian is a co-leader of the Washington DC Litigation & Dispute Resolution practice and a partner in Mayer Brown’s Cybersecurity & Data Privacy practice and White Collar Defense & Compliance group. Since joining Mayer Brown in 2013, Marcus has represented clients in matters involving data security planning, board governance of cybersecurity, cyber fraud, data breach response, and congressional investigations, among others.

Marcus is a recognized leader in cybersecurity. He has been named to Cybersecurity Docket’s “Incident Response 30,” recognizing 30 of the “best and brightest data breach response lawyers in the business” three times. The publication also noted that those recognized “have established themselves as the ‘first call’ for companies hit with a cyber attack or other data security incident.” Marcus was also named to the Washingtonian’s Top Lawyer list in 2018 and 2019.

Read Marcus’s full bio

Read more about Marcus A. ChristianEmailMarcus's Linkedin Profile
Show more Show less
Photo of Veronica R. Glick Veronica R. Glick

Veronica Glick is a partner in Mayer Brown’s Washington, DC office and a member of the firm’s National Security and Cybersecurity & Data Privacy practices. She is also a member of the firm’s Litigation & Dispute Resolution practice and Congressional Investigations & Crisis…

Veronica Glick is a partner in Mayer Brown’s Washington, DC office and a member of the firm’s National Security and Cybersecurity & Data Privacy practices. She is also a member of the firm’s Litigation & Dispute Resolution practice and Congressional Investigations & Crisis Management team. Veronica focuses her practice on complex and cutting-edge legal issues regarding national security, cybersecurity and international law, with particular experience responding to multijurisdictional cyber incidents.

Read Veronica’s full bio.

Read more about Veronica R. GlickEmail
Show more Show less
Photo of Arsen Kourinian Arsen Kourinian

Arsen Kourinian is a partner in Mayer Brown’s Los Angeles office and a member of the Cybersecurity & Data Privacy practice. He is a certified data privacy professional and holds the fellow of information privacy (FIP) and certified information privacy professional (CIPP) credentials…

Arsen Kourinian is a partner in Mayer Brown’s Los Angeles office and a member of the Cybersecurity & Data Privacy practice. He is a certified data privacy professional and holds the fellow of information privacy (FIP) and certified information privacy professional (CIPP) credentials through the International Association of Privacy Professionals (IAPP) for the United States (CIPP/US), Europe (CIPP/E), Canada (CIPP/C), and Asia (CIPP/A). He also holds the IAPP certified information privacy manager (CIPM) designation and Privacy Management Professional certificate through OneTrust. Arsen further helps educate the next generation of data privacy professionals by serving as the chair of the CIPP/US Exam Development Board.

Arsen is a thought leader in data privacy and adtech, having published many articles regarding nuanced issues in these fields, presenting on these topics for numerous organizations and trade association groups, and working with companies to shape the data protection landscape in this ever-evolving area.

Read Arsen’s full bio.

Read more about Arsen KourinianEmail
Show more Show less
Photo of Stephen Lilley Stephen Lilley

Stephen Lilley is a partner in the Washington DC office of Mayer Brown. He focuses his practice on helping clients navigate cutting-edge and interrelated litigation, regulatory, and policy challenges. A member of the firm’s Litigation and Cybersecurity & Data Privacy practices, Stephen develops…

Stephen Lilley is a partner in the Washington DC office of Mayer Brown. He focuses his practice on helping clients navigate cutting-edge and interrelated litigation, regulatory, and policy challenges. A member of the firm’s Litigation and Cybersecurity & Data Privacy practices, Stephen develops strategies to manage legal risks and to shape regulatory policy across a broad range of substantive areas.

Stephen has significant experience working with clients to identify, evaluate, and manage cybersecurity and data privacy risks; responding to cyber incidents and vulnerability disclosures; and defending businesses in related litigation. Stephen is regularly called upon to advise senior executives and board members on their most challenging cybersecurity risks, to help companies develop governance programs to mitigate those risks, and to lead training exercises to implement and refine those programs. Stephen has particular experience advising on cybersecurity and national security issues relating to the Internet of Things, including vehicles and medical devices, and to manufacturing, critical infrastructure, and other industrial systems. Widely recognized for his cybersecurity law and policy experience, Stephen previously served as Chief Counsel to the Senate Judiciary Committee’s Subcommittee on Crime and Terrorism, where he focused on cybersecurity issues.

Read Stephen’s full bio.

Read more about Stephen LilleyEmail
Show more Show less
Photo of Dominique Shelton Leipzig Dominique Shelton Leipzig

Dominique Shelton Leipzig is a partner in Mayer Brown’s Los Angeles office and a member of the Cybersecurity & Data Privacy practice. She serves as the lead for the Global Data Innovation as well as Ad Tech Privacy & Data Management practices. She…

Dominique Shelton Leipzig is a partner in Mayer Brown’s Los Angeles office and a member of the Cybersecurity & Data Privacy practice. She serves as the lead for the Global Data Innovation as well as Ad Tech Privacy & Data Management practices. She is one of the country’s top privacy and data lawyers and her considerable experience helps clients navigate the evolving legal compliance issues related to privacy and data security for their digital data initiatives.

With more than 30 years of experience, Dominique provides strategic privacy and cyber-preparedness compliance advice, and defends, counsels and represents companies on privacy, global data security compliance, data breaches and investigations. Her experience includes defending companies under investigation by the Federal Trade Commission, attorneys general offices and other regulatory and government authorities. She advises companies on best practices in privacy, cybersecurity, data, mobile, cloud storage, Ad Tech privacy, Internet of Things and other areas of regulatory compliance.

Read Dominique’s full bio.

Read more about Dominique Shelton LeipzigEmail
Show more Show less
Photo of David A. Simon David A. Simon

David Simon is a partner in Mayer Brown’s Washington DC office and a leading member of the global Cybersecurity & Data Privacy practice. He is also a member of the firm’s National Security and Government Contracts practices. A former special counsel at the…

David Simon is a partner in Mayer Brown’s Washington DC office and a leading member of the global Cybersecurity & Data Privacy practice. He is also a member of the firm’s National Security and Government Contracts practices. A former special counsel at the US Department of Defense (DoD) and chief cyber counsel to the US Cyberspace Solarium Commission, David has deep experience advising victims of ransomware attacks and state-sponsored cyber activity. Named as a Cybersecurity Trailblazer by The National Law Journal, David has also been named to Cybersecurity Docket’s “Incident Response 40,” a collection of 40 of the “best and brightest” incident response attorneys in the country. David regularly supports clients as the lead investigator and crisis manager for cross-border cyber incidents, including data breaches involving personal data, nation-state threats targeting intellectual property, state-sponsored theft of sensitive U.S. government information, and destructive attacks. David has directed and advised on dozens of complex cyber incident and data breach investigations in the last few years alone. He has counseled companies on major cyber incidents and incident preparedness across virtually every sector of the economy. David represents financial institutions, automotive manufacturers and self-driving car companies, tech companies, telecommunications companies, healthcare companies, insurance companies, defense and aerospace companies, private equity firms and their portfolio companies.

Read David’s full bio.

Read more about David A. SimonEmailDavid's Linkedin Profile
Show more Show less
Photo of Oliver Yaros Oliver Yaros

Oliver Yaros is a partner in the Intellectual Property & IT Group as well as the Technology & IP Transactions and Cybersecurity & Data Privacy practices of the London office of Mayer Brown. He advises clients on technology and outsourcing transactions with a…

Oliver Yaros is a partner in the Intellectual Property & IT Group as well as the Technology & IP Transactions and Cybersecurity & Data Privacy practices of the London office of Mayer Brown. He advises clients on technology and outsourcing transactions with a particular focus on fintech and digital transformation projects, as well as clients operating within a broad range of sectors on data protection matters and cybersecurity incidents, intellectual property transactions and related issues.

Read Oliver’s full bio.

Read more about Oliver YarosEmail
Show more Show less
Photo of Ana Hadnes Bruder Ana Hadnes Bruder

Ana Hadnes Bruder is a partner in Mayer Brown’s Frankfurt office and an active member of the global Cybersecurity & Data Privacy practice. She is also a member of the firm’s Intellectual Property practice. Ana advises clients on data privacy and cybersecurity matters…

Ana Hadnes Bruder is a partner in Mayer Brown’s Frankfurt office and an active member of the global Cybersecurity & Data Privacy practice. She is also a member of the firm’s Intellectual Property practice. Ana advises clients on data privacy and cybersecurity matters, including preparing for and reacting to cyber-attacks, assessing and making required data breach notifications, analyzing data protection implications of new products and tools and providing strategic advice with a focus on cross-border data processing. Ana further advises on Technology Transactions including cloud services, data and software licensing agreements, SaaS agreements, software development projects, e-commerce, and related Cybersecurity & Data Privacy questions.

Ana is a registered lawyer in Germany and Brazil and has ten years of international experience as legal counsel in Brazil, France and Germany. Ana started her career at Mayer Brown in the Dispute Resolution practice where she represented clients in litigation and arbitration proceedings involving complex commercial, intellectual property and liability matters.

Before joining Mayer Brown, Ana gained experience representing foreign clients in judicial proceedings in Brazil and also worked as in-house counsel for a leading French company in Paris.

Read full bio

Read more about Ana Hadnes BruderEmail
Show more Show less
  • Posted in:
    Privacy & Data Security
  • Blog:
    Inside Cybersecurity & Privacy Law
  • Organization:
    Mayer Brown

LexBlog, Inc. logo
Facebook LinkedIn Twitter RSS
Real Lawyers
99 Park Row
  • About LexBlog
  • Careers
  • Press
  • Contact LexBlog
  • Privacy Policy
  • Editorial Policy
  • Disclaimer
  • Terms of Service
  • RSS Terms of Service
  • Products
  • Blog Pro
  • Blog Plus
  • Blog Premier
  • Microsite
  • Syndication Portals
  • LexBlog Community
  • Resource Center
  • 1-800-913-0988
  • Submit a Request
  • Support Center
  • System Status
  • Resource Center
  • Blogging 101

New to the Network

  • Tennessee Insurance Litigation Blog
  • Claims & Sustains
  • New Jersey Restraining Order Lawyers
  • New Jersey Gun Lawyers
  • Blog of Reason
Copyright © 2025, LexBlog, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo