Reed Smith LLP (LexBlog Ireland)

The European Commission’s (EC) International Standard Contractual Clauses (SCCs), which we previously discussed here, contain extensive third party beneficiary rights. The EC’s decision made clear that with these new international transfer SCCs, the parties can decide for themselves which EU Member State law will govern their SCCs, provided that the Member State’s laws allowed for...

The German data protection authority of the federal state of Baden-Württemberg (LfDI BW) has issued detailed guidance (Guidance) on international data transfers this August and September. This is the first official guidance by a data protection authority following the decision of the Court of Justice of the European Union (CJEU) in the Schrems II case...

The Court of Justice of the European Union (CJEU) handed down its judgment on a case brought by privacy rights activist, Max Schrems (C-311/18, Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems) (Schrems II) yesterday, July 16, 2020. The case concerned the transfer of personal data to recipients in the United States via the EU...

Today, the Advocate General Henrik Saugmandsgaard Øe (AG) published his opinion on a case brought by privacy rights activist, Max Schrems (C-311/18, Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems) (Schrems II). The case concerns the validity of the standard contractual clauses (SCCs). The Court of Justice of the European Union (CJEU) press release...

This post is from the non-Reed Smith side of the blog. This blogger is just returned from Ireland where we toured castles and abbeys, drove through amazing landscapes on tiny roads with hairpin turns (can’t say enough about Connemara except that everyone should go), sang about Molly Malone and the Fields of Athenry, visited a...

Article 23 of the General Data Protection Regulation (GDPR) allows EU Member States to restrict the scope of data subjects’ GDPR rights and organisations’ GDPR obligations. The Irish data protection authority, the Data Protection Commission (DPC), released guidelines (Guidelines) on GDPR Article 23 on 19 June 2018. The Irish Data Protection Act 2018 (the Act)...

Background On 22 November 2017, the Court of Justice of the European Union (“CJEU”) gave judgment in a case taken by the not-for-profit company, Digital Rights Ireland Limited (“DRIL”). DRIL sought an annulment of the European Commission’s Privacy Shield decision. This decision states that the US ensures an adequate level of protection for personal data...

If Saint Patrick walked into your workplace today, how would he and his beliefs be received? As we gather on March 17, amidst the shamrocks and celebrations, let’s not forget why we honor the life of this patron saint. Born in the late 4th century, Maewyn Succat was canonized as Saint Patrick for bringing Christianity...

Advocate General Yves Bot today delivered an opinion recommending that the European Court of Justice (ECJ) find the U.S.-EU Safe Harbor Program invalid. His opinion, while non-binding, relates to a request for a preliminary ruling referred to the ECJ by the High Court of Ireland, Irish Court in Schrems v. Data Protection Commissioner, (ECJ, No....

On 31 July, the chief judge of the Southern District of New York delivered the latest in a series of controversial judgments stemming from a test case brought by Microsoft in an extra-territorial warrant issued under the U.S. Stored Communications Act. In the third ruling on the matter, the court found in favour of the...

At the end of April, a magistrate judge of the Southern District of New York denied a motion filed by Microsoft for the quashing of a search warrant issued under the Stored Communications Act (the Act). Microsoft had argued that the warrant should be quashed because the data concerned was stored in Ireland, and the...

This post was written by Cynthia O’Donoghue. In June 2013, the Federal Trade Commission (FTC) and Ireland’s Office of the Data Protection Commissioner signed a memorandum of understanding establishing a mutual assistance and information exchange program to secure compliance with data protection and privacy laws on both sides of the Atlantic. The privacy and data...

This post was written by Cynthia O’Donoghue. On 24 April 2013, the EU Presidency, currently held by Ireland, prepared a Note to the Committee of Permanent Representatives (COREPER) regarding the proposed General Data Protection Regulation (Regulation). The Note was leaked and published on Statewatch’s website. Statewatch is a civil liberties organisation. In the Note, the...