• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cross-Border Privacy

Meeting the Legal Challenges of International Data Transfers

  • About
  • Blog
  • Contact
global network over blue world map on dark blue background

Cross-Border Privacy

Meeting the Legal Challenges of International Data Transfers

Welcome! My aim with this blog is to help you understand the barriers to, and deal with the risks of, transferring personal data across national borders.
More about Cross-Border Privacy »

  • LinkedIn
  • Twitter
  • RSS Feed
Michael L. Whitener

From the Blog

  • Not-So-Standard Contractual Clauses

    Not-So-Standard Contractual Clauses

    April 15, 2023

    by

    Michael Whitener

    Last week I attended the IAPP Global Summit (the IAPP’s annual privacy bash), featuring privacy luminaries as keynote speakers and dozens of privacy-focused sessions. One particularly good session was about the proliferation of standard contractual clauses (SCCs) that permit cross-border data transfers. This session coincided with the Future of Privacy Forum’s release of a report … Read More » about Not-So-Standard Contractual Clauses

  • What Is an “International Data Transfer” Anyway?

    What Is an “International Data Transfer” Anyway?

    March 27, 2023

    by

    Michael Whitener

    Chapter V of the GDPR lays down the requirements for transfers of personal data from the EU to a third country. The requirements are pretty straightforward. The transfer must be based on either: But before Chapter V is even applicable, there must be a “transfer.” What constitutes a “transfer” isn’t self-evident, as the GDPR doesn’t … Read More » about What Is an “International Data Transfer” Anyway?

  • Renaming the Data Privacy Framework . . . With Help From ChatGPT

    Renaming the Data Privacy Framework . . . With Help From ChatGPT

    March 17, 2023

    by

    Michael Whitener

    In my previous blog post, I reviewed the recent opinion of the European Data Protection Board that considers whether the proposed Privacy Shield replacement – the EU-U.S. Data Privacy Framework – provides “adequate protection” for EU-U.S. data transfers as required under the GDPR. The merits of that proposed framework aside, it needs a catchier name. … Read More » about Renaming the Data Privacy Framework . . . With Help From ChatGPT

  • Don’t Start Your Engines Just Yet for Privacy Shield II

    Don’t Start Your Engines Just Yet for Privacy Shield II

    March 15, 2023

    by

    Michael Whitener

    The latest development in the long road to a replacement for the Privacy Shield, which was shot down by the Court of Justice of the European Union in its Schrems II decision (2020), is the European Data Protection Board’s opinion adopted February 28, 2023 (Opinion 5/2023). That opinion looks at whether the newly proposed EU-U.S. … Read More » about Don’t Start Your Engines Just Yet for Privacy Shield II

  • Actual vs. Suspected Security Breaches Under DPAs

    Actual vs. Suspected Security Breaches Under DPAs

    March 5, 2023

    by

    Michael Whitener

    Pet peeve alert: it bugs me every time I see “personal data breach,” “security breach” or “security incident” defined in a DPA to include “suspected” as well as “actual” breaches or incidents. The GDPR definition of “personal data breach” is perfectly adequate: “personal data breach” means a breach of security leading to the accidental or … Read More » about Actual vs. Suspected Security Breaches Under DPAs

  • Drafting Robust TOMs

    Drafting Robust TOMs

    February 15, 2023

    by

    Michael Whitener

    “TOMs,” for those unversed in GDPR acronyms, refers to the “technical and organizational measures” for keeping personal data secure required under the GDPR (Art. 32) as well as under the standard contractual clauses (Annex II). Compared with the EU Data Protection Directive it replaced, the GDPR takes a more granular approach to security requirements. While … Read More » about Drafting Robust TOMs

More from the Blog

Get the Latest Posts!

Sign up to get the latest Cross-Border Privacy posts!

Your privacy is important to us. Privacy Policy

Footer

Connect with Us

  • LinkedIn
  • RSS
  • Twitter

Search

Newsletter Signup

Sign up to get the latest Cross-Border Privacy posts!

Privacy Policy

Contact Michael

Michael L. Whitener
Contact Form

Recent Posts

  • Not-So-Standard Contractual Clauses
  • What Is an “International Data Transfer” Anyway?
  • Renaming the Data Privacy Framework . . . With Help From ChatGPT

Copyright © 2023 · Cross-Border Privacy · Michael L. Whitener · Log in

  • Home
  • About
  • Blog
  • Contact
  • Privacy Policy

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in settings.

Cross-Border Privacy
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.