Over the past six months you have probably been bombarded with data privacy articles, questions, and concerns regarding the European Union (“EU”). Given the sheer volume of material on the topic, it is difficult to figure out what you really need to know about the current state of data privacy and data protection in Europe. We saw the European Court of Justice strike-down the US-EU “Safe Harbor” agreement last October (which will likely be replaced with the new “Privacy Shield” agreement). We know that the EU recently approved a new EU-wide data privacy law. The hard part, however, is figuring out what it all means. This edition of “Ten Things” will try to sum things up in a useful way so when those questions and concerns come across your desk, you have some ready answers and a road map for the next steps you and your company need to take to ensure compliance with all of the changes in EU data privacy law:
As in-house counsel, you have probably been asked the following question by a panicked (or at least pretty stressed-out) CEO or CFO: “What are we doing about data privacy? Are we okay?” You likely have a good answer, or at least the start of one. Still, your answer may be as open-ended as the question and you can feel overwhelmed by the sheer amount of information on the topic. I know that you want to read another article about data privacy about as much as you’d like to have a safe dropped on your head. But, don’t stop reading. This will not be an overly-detailed discussion about all of the nuances of the issue or a list of regulations and laws of multiple countries (though those discussions are valuable). This edition of “Ten Things” will set out the essential things you need to know about data privacy — key points that you can focus on as you work through or oversee data issues for your company.