The Court of Justice of the European Union (CJEU)’s historic decision in Schrems II, in which the EU-U.S. Privacy Shield was invalidated, requires businesses to rethink the mechanism they can rely on to transfer personal data from the EU to the United States and other countries. However, how the decision will be enforced remains uncertain. Despite the invalidation of Privacy Shield, the U.S. Department of Commerce issued a statement that it “will continue to administer…

GT San Francisco Shareholder Gretchen Ramos will join the PrivacyConnect San Francisco panel on Monday, July 27, 2020, at 9:00 a.m. PST. The event is free and will provide an overview of the latest global regulatory updates, requirements, and trends. This program will cover North America privacy updates and cookie consent, concluding with a panel discussion where audience members will be able to ask questions on the most pressing local issues facing today’s privacy and security…

Kate Black of Greenberg Traurig LLP led the development of genetic testing company 23andMe’s law enforcement protocol and program and continues to advise companies with innovative technologies about how to use data appropriately with consumers’ privacy in mind, earning her a spot among cybersecurity and privacy attorneys under age 40 honored as Law360 Rising Stars. Read “Rising Star: Greenberg Traurig’s Kate Black.” (subscription)…

The Court of Justice of the European Union (CJEU) declares invalid a decision of the European Commission which attested that the EU-U.S. Privacy Shield provided adequate protection to personal data transferred from the EU to the U.S., if the receiving party had self-certified its adherence to the Privacy Shield Principles. At the same time, the CJEU clarifies that the so-called standard contractual clauses (SCC) may still be used – with important caveats. Click here to…

It has been a busy time for the California Consumer Privacy Act (CCPA)—enforcement begins July 1st, final implementing regulations have been submitted for approval, and qualifying signatures for a wide-ranging “CCPA v2.0” ballot initiative are in the process of being counted. Yet the effect of the CCPA on digital advertising, mobile applications and websites remains a complex area prone to confusion. If you are unclear about how CCPA impacts your organization’s advertising activities and the…

On June 24, the California Secretary of State announced that the California Privacy Rights Act (CPRA) has qualified as a statewide ballot initiative to be listed on this November’s General Election ballot. The announcement follows official confirmation that the nonprofit group behind the ballot initiative, Californians for Consumer Privacy, obtained in excess of the 623,212 signatures needed in order to qualify for the statewide ballot. This was verified by county elections officials via a random …

Following much anticipation, the Office of the California Attorney General (OAG) moved one step closer to the California Consumer Privacy Act (CCPA)’s wide-ranging implementing regulations becoming enforceable by law by filing the final CCPA Regulations with the California Office of Administrative Law (OAL) on June 1. The CCPA grants the OAG the authority to begin enforcing the law on July 1, 2020. Whereas the OAG can enforce the CCPA on that date, businesses have been…