The long awaited Schrems II decision was published by the Court of Justice of the European Union (CJEU) on 16 July 2020 (Court of Justice of the European Union – Grand Chamber – 16 July 2020 – C-311/18 – Schrems II) and while it has already been summarized as the death blow to the Privacy Shield framework and the confirmation of the validity of the Standard Contractual Clauses (SCCs) by many, it may only be a Pyrrhic victory for the latter, as far as transfers to the US are concerned.

(more…)

With the recent decision from the Court of Justice of the European Union (CJEU) invalidating the Privacy Shield framework (Court of Justice of the European Union – Grand Chamber – 16 July 2020 – C-311/18 – Schrems II – see our alert here) and subjecting the Standard Contractual Clauses (SCCs) to higher standard of enforcement, global companies with the need to transfer data across the world, and especially across the Atlantic, are now required to re-assess their data transfer mechanisms.

While both Privacy Shield and the SCCs predates the General Data Protection Regulation 2016/79 dated 27 April 2016, which enter into force on 25 May 2018 (GDPR) , the new regulation aimed at providing stakeholders with additional tools to self-regulate and safeguard the privacy of individuals in the European Union

Among them, and while still confidential, the implementation of codes of conduct is encouraged under Art. 40 GDPR and by the dedicated Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/79 dated 04 June 2019 of the European Data Protection Board (EDPB). As a matter of fact, the advantages of such codes of conducts go beyond the mere facilitation of data transfers, and provide data controllers and data processors alike with a complete sectorial framework for GDPR compliance.

(more…)

In a highly anticipated Schrems II decision, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield, the legal framework allowing transatlantic exchanges of personal data for commercial purposes between the European Union and the United States, mainly citing US surveillance practices and inadequate recourse to EU individuals. On the other hand, the CJEU upheld the Commission Decision 2010/87 on Standard Contractual Clauses (SCCs) for the transfer of personal data to processors established in third countries (see out alert here). 

(more…)

France’s top administrative court has overruled the country’s data authority regarding “cookie walls”, stating that as an agency that only offers guidelines – so-called flexible laws – the authority cannot prohibit their use.

Cookie walls prevent internet users from accessing websites unless they consent to the use of tracking cookies, which often gather data used by advertisers.

(more…)

In view of the strong international dimension, notably European, of commercial issues related to trademarks, the economic players do not limit the scope of their protection to one single national territory anymore. On the contrary, the current trend is to multiply of the trademarks filings, which often leads to a variety of protections, for a same sign, through a national trademark, a European Union (EU) trademark and an international trademark.

However, in France, the jurisdiction of the courts varies depending upon these different titles, and thus requires, prior to introducing an action, adopting an actual procedural strategy. The Commercial Division of the French Supreme Court, in a decision dated 6 September, 2016 1) Commercial Division of the French Supreme Court, 6 September 2016, No.15-29.113 , confirmed these strategical issues relating to the choice of the forum election. Indeed, according to this decision, limiting the scope of a proceeding to French trademarks becomes a real advantage (1.), which could lead, in fine, to a new equilibrium for trademark litigation in France (2.)
(more…)

References

1 Commercial Division of the French Supreme Court, 6 September 2016, No.15-29.113