data protection


Mind the Gap: Loopholes in the EU Data Privacy Regime

By Theodore Chua, J.D. Candidate 2018, Columbia Law School I. Introduction With the modernization of databases and search engines, information seemingly lost in a sea of information can be retrieved almost instantaneously. Due to the value of analyzing personal data (e.g. for the purpose of understanding voter demographics or consumer groups), legislatures are alive to the need for data protection laws regulating how personal data can be processed or transferred. Paving the way forward, the EU (then the EC) in 1995 enacted a single data protection law—the Data Protection Directive (the “Directive”)—to establish uniform data protection standards across member states. […]


EU-US Privacy Shield: The Future Framework for Transatlantic Data Flows?

Marjorie Becker LL.M., Columbia Law School, 2016 By striking down the 15-year old Safe Harbor Framework in its decision Schrems v. Data Protection Commissioner on October 6, 2015,[1] the Court of Justice of the European Union (CJEU) left most self-certified U.S. companies in limbo. The Privacy Shield announced on February 2, 2016 by the EU Commission and the U.S. Department of Commerce (DOC), however, may yet provide relief to some of them. This new framework comprises various documents—summarized in the draft adequacy decision and related annexes released on February 29, 2016—and aims to comply with the requirements of Schrems by […]


The End of a Safe Harbor: The Schrems Decision Calls for Stricter Standards for Protection of Personal Data Transferred to the US

Traci Biedermann J.D. Candidate, Columbia Law School, 2017 Scrutiny of the United States’ measures for protection of personal data from government surveillance has increased following Snowden’s revelations regarding the National Security Agency (NSA). In fact, these revelations are still making ripples in the area of data protection, one such being the case of Schrems v. Data Protection Commissioner (Case C-362/14). Fearing that his data was being improperly protected after transmission to the US by Facebook, Maximillian Schrems, filed a complaint alleging that the US did not have adequate protections against government surveillance of his personal data. Under the EU Data […]