U.S companies hoping to avoid compliance with the requirements of EU law may want to think twice. It’s really time to get on with it. Despite early rhetoric from the Trump Administration, discussions between the U.S. Department of Commerce and the EU Commission last week indicate that the best course for businesses involving data about EU citizens is to take the steps necessary to comply. U.S. officials sent a clear message that they stand behind the commitments of their predecessors to promote compliance by U.S. businesses, at least with respect to the Privacy Shield. This likely reflects a broader U.S. government position that is pro-compliance. EU Justice Commissioner…
.@EU_Commission announced successful conclusion of adequacy talks with South Korea, confirming alignment of EU & SK #dataprotection laws. Finding covers commercial & public sector, enables data flows between the EU & SK. Adoption expected in coming months. https://ec.europa.eu/commission/presscorner/detail/en/statement_21_1506
Dutch DPA announced a €475,000 fine for Dutch headquartered @bookingcom for failure to report #databreach within 72 hours of becoming aware of the 2019 incident. Breach resulted in unauthorized access to login credentials, criminal access to data of 4000 customers.
Bavaria #DPA declared company’s (controller’s) use of US email marketing service #Mailchimp in #Bavaria impermissible due to failure comply with #SchremsII mitigation requirements with respect to transfer of e-mail addresses to Mailchimp in the US.