Tag: Schrems II

Tag: Schrems II

Meta fined record €1,2bn by Irish Data Protection Commission for personal data transfers to the US

Meta Ireland was fined €1,2bn by the Irish Data Protection Commission for noncompliance with the GDPR in relation to transfers of personal data from the EU/EEA to the US   Meta Platforms Ireland Limited (“Meta Ireland”, formerly Facebook Ireland Limited) has been fined €1,2bn by the Data Protection Commission (DPC) in Ireland for transferring personal

The US CLOUD Act: what is the impact on European companies?

Following the approval of the CLOUD Act in the US, the Dutch Government requested a Memo on its application to EU Entities.   Under the GDPR, EU companies are required to comply with important data protection legislation or face serious monetary sanctions. Some critics have even argued about the GDPR’s extensive extraterritorial scope, which has

Google Analytics custom features do not make transfers legal, according to CNIL

CNIL has announced that even with the use of Google Analytics custom features, transfers are still not legal.    CNIL recently announced that even with the use of Google Analytics custom features, transfers are still not legal in the absence of a transfer deal between Europe and the US. This announcement was added in the

The concept of “data exporter” clarified by the Danish DPA

In the light of the Schrems II judgment by the CJEU, questions relating to the concept of “data exporter” have been clarified by the Danish DPA.     Since the CJEU’s Schrems II judgment, the Danish Data Protection Agency has received an increasing number of questions relating to the transfer of personal data to third countries.

New agreement on EU-US data transfers

For companies which depend on cross border data transfers, some needed relief may come in the form of a new agreement on EU-US data transfers.  The European Union and the U.S. recently announced that they had reached an agreement  “in principle” on a new framework for cross-border data transfers. This is expected to bring some

Meta considers EU shut down

Meta considers EU shut down in the absence of a framework for the storage of EU data on US servers.   Representatives from Meta have spoken up about the possibility of the company having to shut down Instagram and Facebook services in the EU, unless a framework is implemented which allows them to store EU

Stop using Google Analytics: CNIL gives formal notice to website managers.

CNIL has given formal notice to website managers to come into compliance and to stop using Google Analytics due to illegal EU – US Data transfers.    CNIL has joined several other EU watchdogs in ordering website managers to stop using Google Analytics. As a result of several complaints being filed by NOYB, against a

Explore alternatives to Google Analytics: advice from the Norwegian DPA

With multiple European authorities ruling against the use of this service, the Norwegian DPA suggests that companies explore alternatives to Google Analytics.    In a recent blog, we covered why the use of Google Analytics (and Stripe) by the European Parliament was considered a violation of the Court of Justice’s (CJEU) “Schrems II” ruling on

EDPS reprimands European Parliament for use of Google Analytics

Illegal EU-US data transfers by the European Parliament lead to sanction from EDPS    Due to a complaint made approximately one year prior, the European Parliament has been sanctioned by the EDPS over illegal EU-US data transfers, among other violations. On a COVID-19 testing site, the use of Google Analytics and Stripe (both US companies)

Facebook loses challenge as court rules in favor of DPC

Facebook loses challenge as court rules in favor of DPC’s draft decision for an inquiry and suspension of Facebook’s data transfers to the US.  Following the Schrems II judgement of last July, the Irish Data Protection Commission, launched an inquiry into Facebook Ireland Ltd, and suspended the company’s EU-US data flows. Facebook disagreed with, and