Search
Generic filters
POSTS BY Christopher Kuner
28 August 2024

Strengthening the EU Legal Edifice for Data Transfers

GDPR provides the rulebook for international transfers of personal data from the EU and serves as the vehicle through which EU data protection law interacts with the wider world. However, the EU seems ambivalent about deciding how far it can expect third countries to adopt data protection standards similar to its own. Moreover, DPAs often fail to scrutinize data transfers to third countries that may lack the rule of law. Finally, the EU lacks a comparative methodology for assessing data protection equivalence in third countries. It is essential for the EU to elevate the public discourse so that the global significance of data transfers is recognized. Continue reading >>
0
25 August 2020

Schrems II Re-Examined

The Court of Justice of the EU’s judgment in Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (“Schrems II”) of 16 July has already received significant attention. Now that the dust has somewhat settled, however, it deserves re-examination in light of its significant implications for the regulation of international data transfers under the EU General Data Protection Regulation. Continue reading >>
15 April 2020

Data crossing borders

The cross-border sharing of personal data to combat coronavirus raises questions under the EU General Data Protection Regulation 2016/679 (the GDPR) - two of which will be dealt with here. The first question is whether EU data protection law is flexible enough to allow the international sharing of personal data to fight the pandemic. Secondly, data protection law has traditionally been shaped by pivotal events in history (think of the effect that the reaction to the terrorist attacks of 11 September 2001 had on data protection law), and one can ask what implications the crisis will have on the future development of data transfer regulation. Continue reading >>
0
26 July 2017

Data Protection, Data Transfers, and International Agreements: the CJEU’s Opinion 1/15

On 26 July the EU Court of Justice (CJEU) issued Opinion 1/15, which is its most significant ruling on the international dimensions of data protection law since its 2015 judgment in the Schrems case. In Opinion 1/15, the Grand Chamber of the Court found that the draft agreement between the EU and Canada for the transfer of passenger name record (PNR) data may not be concluded in its current form, since several of its provisions are incompatible with EU fundamental rights law. As the Court’s first ruling on the compatibility of a draft international agreement with the EU Charter of Fundamental Rights, the judgment has important implications for many areas of EU law. Continue reading >>
08 October 2015

The Sinking of the Safe Harbor

The judgment of the Court of Justice of the European Union (CJEU) in Schrems v. Data Protection Commissioner (Case C-362/14) is a landmark in EU data protection law, but one about which I have serious misgivings. While I share the Court’s concern regarding the surveillance practices of the US government (and other governments for that matter) and some of its criticisms of the EU-US Safe Harbor Arrangement, I take exception to its lack of interest in the practical effects of the judgment and the global context in which EU law must operate. Continue reading >>