A SPECIAL "BONG" REPORT FROM JONATHAN MAAS: a look back at how the US-EU data Privacy Shield tug-of-war has played out via BONG! over the past years


Curated by:

Cassandra Este
Social Media Manager
Project Counsel Media



27 July 2020 (Paris, France) - Last week the Court of Justice of the European Union (the "CJEU") invalidated the EU-U.S. Privacy Shield Framework as part of its judgment in the Schrems II case.

In its judgment, the CJEU concluded that the Standard Contractual Clauses (defined in the links below) issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid, but it struck down the Privacy Shield framework on the basis that the limitations on U.S. public authorities' access to EU personal data were not sufficient for the level of protection in the U.S. to be considered equivalent to that ensured in the EU, and that the framework does not grant EU individuals actionable rights before a body offering guarantees that are substantially equivalent to those required under EU law.

So given these privacy-related events in Europe Jonathan thought it would be useful to look back at how the US-EU privacy tug-of-war has played out via his BONG! reports over the past for years. As he notes "we could all see the tension building!"

And for new readers, among his many activities in the world of managing electronic and hard copy data and information governance at the helm of the eponymous ...


... Jonathan Maas compiles and distributes material he thinks helpful to the e-discovery and e-disclosure and information governance community. He does that via a daily email blast entitled BONG!  

In addition to our own news and comment on the legal market and legal technology (plus our political rants and ramblings), we Tweet Jonathan's daily BONG! on one of our Twitter accounts which you can access by clicking here

NOTE:  you can subscribe directly to Jonathan's daily BONG! reports so you do not miss a thing by emailing him here:  Jonathan@MaasConsultingGroup.com
 
 
Jonathan has arranged these in chronological order, with the most recent item starting off the list: 

BONG!


Schrems II: Reflections on the decision and next steps
( TeachPrivacy: Professor Daniel Solove)
 
"Privacy Shield is dead and the Standard Contractual Clauses are in a coma on life support."   (BONG 27/07/20) 

BONG!


"Return EU data currently stored in the US back to the EU".  Berlin's data protection commissioner reacts to the Schrems II decision
( Project Counsel Group Media: Alexis de Hahn)
 
"In Berlin, the data protection commissioner takes a very stringent approach to Schrems II."   (BONG 27/07/20) 

BONG!

Schrems and the future of EU-US data transfers (or lack thereof...)
( Medium: Lydia de la Torre [Golden Data])
 
"Everyone knows the story of the privacy shield. Or at least they think they do. But, I'll let you in on a little secret: nobody knows the real story, because nobody has ever heard my version of it."   (BONG 24/07/20)  

BONG!


The Schrems judgment - Transfer Impact Assessments for international data transfers?  
( Linklaters: Richard Cumbley, Tanguy van Overstraeten, Georgina Kon)
 
"Privacy shield is no longer a valid adequacy instrument to enable personal data transfers to the US because US state surveillance powers are excessive."  (BONG 24/07/20)  

BONG!


What privacy shield organisations should do in the wake of Schrems II  
( The Privacy Advisor: Brian Hengesbaugh)
 
"What is to be expected, however, is that organisations participating in privacy shield should have a plan for how they are going to address the issues, start implementing that plan as soon as reasonably possible and be ready to discuss with authorities, business partners, customers and others as needed."  (BONG 24/07/20)  

BONG!


Privacy by design: Responding to the EU-US privacy shield ruling  
( Forbes: Sam Curry)
 
"The question has now become how do CIOs and CISOs exercise data autonomy and easily identify which vendors can make the journey soon enough to avoid fines versus which ones can't. In other words, which ones operate on a privacy-by-design principle and which ones don't."  (BONG 23/07/20)  

BONG!

DPOs encouraged to act now on invalid privacy shield  
( Infosecurity: Dan Raywood)  
 
"Businesses should prepare for the post-privacy shield era now, and get binding corporate rules and standard contractual clauses in place for their own data protection."  (BONG 21/07/20)  

BONG!
You Were Only Supposed To Blow The Bloody Doors Off! - The Italian Job (3/10) Movie CLIP (1969) HD
EU Court of Justice at work

"You were only supposed to blow the bloody doors off!"  Schrems II the day after  
( The Project Counsel Media: Alexis de Hahn)  
 
"So, the EU Court of Justice has struck down the so-called privacy shield data protection arrangements between the political bloc and the US, triggering a fresh wave of legal confusion and gnashing of teeth over the transfer of EU subjects' data to America."  (BONG 20/07/20)  

BONG!

EU-US privacy shield  
( UK Information Commissioner's Office)
 
"We are currently reviewing our privacy shield guidance after the judgment issued by the European Court of Justice. If you are currently using privacy shield please continue to do so until new guidance becomes available. [Conversely], please do not start to use privacy shield during this period."  (BONG 20/07/20)  

BONG!


EU takes an axe to Privacy Shield and warns on Standard Data Transfer Clauses  
( LinkedIn: Jeremy Morton [Temple Bright])
 
"The Court's ruling, in the 'Schrems/Facebook' complaint originating in Ireland, also provides that standard contractual clauses for transfer outside the EU cannot be relied on without verifying adequate protection for the data in the recipient country."  (BONG 16/07/20)  


BONG!


EU Parliament debates: Could California be considered "adequate" on its own?  
( The Privacy Advisor: Jennifer Baker)
 
"If the court does invalidate Privacy Shield, and if a US state such as California decided to apply for an adequacy decision, would the commission consider such an application?"  (BONG 16/01/20)  

BONG!


UK firms may soon find it impossible to legally receive data from the EU  
( IT Pro: Dale Walker)
 
"The case being heard, often referred to as Safe Harbour 2.0, is assessing the legitimacy of the standard contractual clause (SCC), a mechanism that many businesses use to adhere to GDPR laws when sending data beyond EU jurisdiction."   (BONG 19/07/19)  

BONG!


From Luxembourg, a look at Schrems II.  Is the Privacy Shield poised to hit the recycling bin?  Both sides are worried the final ruling could be sweeping  
( Gregory Bufithis)  
 
"What Max Schrems began six years ago has ballooned into a European legal battle with global economic implications."   (BONG 10/07/19) 
 

BONG!


Staring down the intersection of ePrivacy, GDPR and Privacy Shield
( CMS Wire)   (BONG 31/08/18)


BONG!



On the EU's call for a suspension of the US's Privacy Shield framework
( KPMG (BONG 13/07/20)



BONG!



California company settles FTC charges related to Privacy Shield participation    (BONG 13/07/18)
( ComplexDiscovery )  
 


BONG!



European Parliament calls for suspension of Privacy Shield
( Computer Weekly )  (BONG 06/07/18)


BONG!



Privacy Shield under threat by US non-compliance     (BONG 12/06/20)
( Computer Weekly )
    

BONG!



Court refuses to allow EU privacy laws to shield US company from discovery obligations   (BONG 09/04/18)
( JD Supra )  


BONG!



BONG!

US Privacy Shield enforcement begins  
( Cordery )  (BONG 11/09/17)


BONG!



How does the EU-US Privacy Shield affect cross-border discovery?
( D4 )   (BONG 02/10/17)



BONG!




EU Parliament adopts a Resolution on the adequacy afforded by the EU-US Privacy Shield (BONG 11/04/17)




BONG!



The practical global corporate data approaches to the EU-US Privacy Shield (BONG 12/12/16)


BONG!



How does the new Privacy Shield work? (BONG 30/11/16)
 

  
BONG!



Details of legal challenge to Privacy Shield revealed (BONG 14/11/16)



 

REMINDER:  you can subscribe directly to Jonathan's daily  BONG!  reports so you do not miss a thing by emailing him here:  Jonathan@MaasConsultingGroup.com
 

 



[ For the URL link to this post click here ]

 
The Project Counsel Group

contact us at:

operations@infotecheurope.com
 



Follow us on Twitter

View our profile on LinkedIn