Locke Lord LLP (JD Supra European Union)

16 July 2020 will go down in data protection history. On that day, the EU Court’s decision in Schrems II dealt international data transfer a mighty blow.

As we flagged up in our post in December, there was a general expectation that the amended EU Withdrawal Agreement negotiated by Prime Minister Boris Johnson would be passed by the UK Parliament without amendment. While several amendments were attempted, none of them succeeded given the size of Johnson’s majority in the UK Parliament.

EBA’s revised Guidelines on Outsourcing Arrangements (Outsourcing Guidelines) came into force on 30 September 2019 and apply to all outsourcing arrangements entered into, reviewed or amended on or after this date. The Outsourcing Guidelines require relevant firms to carry out an in-depth review of all outsourcing arrangements and put in place appropriate governance frameworks relating to...

It would be funny if it did not feel so close to reality. As it currently stands, the next steps in the ?UK’s exit from the EU are precarious (yet again), which is also reflected in the market volatility around ?the value of the pound.?

Just over a week ago, we posted about a potential new deal between the UK and the EU27 that could potentially deliver on Prime Minister Boris Johnson’s promise to leave the EU by 31 October 2019.

On 7 October, the UK Financial Conduct Authority published a Brexit version of its monthly Market Watch newsletter.

In a recent decision, the Board of Appeal of the European Union Intellectual Property Office held Hasbro’s MONOPOLY registration partially invalid. This decision, if it is not appealed, will have a significant impact on businesses’ brand protection strategies. The five-year grace period - EU Trade Mark owners are afforded a five-year grace period from registration, during which they can...

On 24 September 2019, the European Union’s top court issued a landmark ruling declaring that Google does not have to extend the “right to be forgotten” rules to its search engines globally. This decision provides important guidance about this right, one of the well-known provisions of the General Data Protection Regulations (GDPR).

As the Conservative Party’s leadership election enters its final week, the two candidates have similar, but different plans for dealing with Brexit. While many still believe that Boris Johnson will win, the contest is looking a lot closer than it was a few weeks ago and there is a possibility that Jeremy Hunt could win when the results are declared on Tuesday, 23 July.

We have waited some time to post again on Brexit matters in the hope that things would become clearer. Certainly a lot has occurred since our last post: there were local elections in most of England and Northern Ireland on 2 May followed by UK wide elections for the European Parliament on 23 May and a UK Parliament by-election on 6 June. However, the Brexit process remains as uncertain as ever.

On November 23, the European Data Protection Board released guidelines for public comment (the “Guidelines”) on the territorial scope of the General Data Protection Regulation (“GDPR”). Specifically, the Guidelines address the applicability of GDPR Articles 3 and 27.

In 100 days, on 25 May 2018, the EU’s new data protection law goes live. The General Data Protection Regulation, commonly known as the GDPR, is the biggest change to European data protection law in over 20 years and will seriously impact businesses across the USA and around the world.

In EUIPO v Deluxe Laboratories (Case C-437/15 P), the Court of Justice of the European Union (CJEU) allowed an appeal against a General Court decision in which the EU Intellectual Property Office (EUIPO) was held to have erred in law in its assessment of the term ‘deluxe’, together with a figurative element, as being non-distinctive. Facts - In October 2012 Deluxe Laboratories, Inc, which...

On 5th July 2016, the European Commission (the “Commission”) published a proposal for a Directive amending the Fourth Money Laundering Directive (“Proposed Directive”), which sets out, amongst other things, to bring into scope currently unregulated virtual currency (VC) exchange platforms and custodian wallet providers. These entities would now have to carry out customer due diligence (CDD)...

Over the last few years Europe has increased its focus on cloud computing, and several organizations, working groups and policies have been set up to encourage its expansion and increased usage at the EU level. For example, the European Cloud Computing Strategy was adopted by the European Commission in September 2012, with an aim of delivering a net gain of 2.5 million new European jobs,...

Given the primacy of English law in international finance and loan documentation (English law and New York law being the most commonly selected globally), since the Brexit referendum in the UK, financiers and borrowers have been wondering whether any provisions need to change in their English law loan documentation (both existing loans and future ones). Although there is considerable uncertainty...

Earlier this week, European Union (“E.U.”) and U.S. representatives met in Brussels to continue to discuss a potential agreement concerning insurance and reinsurance matters. This is the third such meeting since the U.S. Department of the Treasury and the Office of the U.S. Trade Representative announced last November their intent to commence negotiations of an agreement between the E.U. and U.S.

For many years, the European Union’s single market directives have allowed City of London firms to ‘passport’ their services across the European Economic Area (‘EEA’) and operate out of other member states without the need to obtain additional authorisation l to the one which they had obtained in a particular member state. Firms from overseas, including many of the large US credit institutions,...

The General Data Protection Regulation (GDPR or Regulation) has been approved by European Union (EU) members as well as the Council of Europe and, at the time of writing, the draft Regulation is before the European Parliament for consideration and approval. Work has already begun to be ready for 2018 implementation.

The European Commission has recently issued a Report announcing its preliminary view that the Insurance Block Exemption Regulation (“IBER”) should not be renewed when it expires on March 31, 2017. The IBER provides an exemption from Article 101(1) of the Treaty on the Functioning of the European Union, which prohibits cartels and other forms of anticompetitive agreements, for two categories of...

The European Parliament, the Council and the Commission have agreed on the first EU-wide legislation on cybersecurity. Under the new measure, internet companies such as Google, Amazon, eBay and Cisco, but not social networking platforms like Facebook, will be required to report serious cyber incidents to national authorities, which in turn will be able to impose sanctions on companies that fail...

In the case of Weltimmo s.r.o. v Nemzeti Adatvédelmi és Információszabadság Hatóság, the Court of Justice of the European Union (“CJEU”) handed down a landmark judgment in October 2015 on data protection legislation, tackling the issue of jurisdiction when a company is headquartered in one EU country and operates its business in another. The ruling has extended the meaning of “established” as to...

Within the EU and wider EEA significant employment legislation often derives from EU directives which individual member states are then required to implement into their national law. Of particular significance is the Acquired Rights Directive (ARD). This legislation, implemented in the UK through the TUPE Regulations, serves to protect employee rights upon the transfer of a business.

As anticipated by our earlier article (published on October 2, 2015) “EU U.S. Data Protection: The Safe Harbor Framework Under Attack”, Europe’s highest court, the Court of Justice of the European Union (CJEU), has followed Advocate General Bot’s non-binding opinion of September 23, 2015, and has declared that the European Commission’s decision 2000/520 regarding the U.S.-EU Safe Harbor scheme (th

Facebook has won its latest class action case in a long-running legal battle involving 25,000 European Facebook users. The class action was led by Austrian law student and privacy campaigner Max Schrems, and alleged that Facebook breached European privacy laws. The Austrian court held that they lacked jurisdiction to hear the case, which sought €500 compensation for each claimant, totalling €12.5m

Following the European Parliament’s adoption of a General Approach to the long-awaited draft Data Protection Regulation (DPR) last month, negotiations over the regulation’s final form have now commenced. These negotiations between the European Commission, the European Parliament and the EU Council of Ministers (Council) are known as the “Trilogue process.” This represents the final stage of the...

Draft EU rules on sharing and protecting Passenger Name Record (PNR) data of people flying to or from the EU, were approved by the Civil Liberties Committee on 15 July 2015. Once passed into law, this data will be collected and used by member states and Europol to fight terrorism and serious transnational crime and must be used exclusively to prevent, detect, investigate and prosecute these...

On 15 June 2015 the EU Council of Ministers (Council) reached a General Approach to the long-awaited draft Data Protection Regulation (DPR), bringing Europe one step closer to a single, harmonised set of data protection rules across its 28 member states.

Unexpected delays are one of the inherent risks of travel. Mindful of the impact of such events, regulators in the EU promulgated a scheme of compensation available to travelers affected by substantial delays, to be paid by the responsible airline.

Earlier this week, the European Union’s executive body gained key approval to begin negotiations with the United States on a deal aimed at cutting the minimum collateral levels required of foreign reinsurers operating in the US.