compliance ethics professional - bristows.com20the%20eu%20model%2… · compliance & ethics...
TRANSCRIPT
Compliance & EthicsProfessional
®
a publication of the society of corporate compliance and ethics www.corporatecompliance.org
March
2017
51Behavioral
ethics: From nudges to
normsScott Killingsworth
45 Product integrity: Some compliance principles
for engineering organizations
Laurie Burgett
29 11 tips for engaging
middle managers on complianceCraig Thomas and Monica Locklear
39Five tactics to
dramatically improve your Code of Conduct
Kirsten Liston and Meghan Daniels
Meet Ryan Meade
Director, Center for Compliance Studies
Loyola University Chicago School of Law
See page 16
This article, published in Compliance & Ethics Professional, appears here with permission from the Society of Corporate Compliance & Ethics. Call SCCE at +1 952 933 4977 or 888 277 4977 with reprint requests.
+1 952 933 4977 or 888 277 4977 www.corporatecompliance.org 27
Com
pli
ance
& E
thic
s P
rofe
ssio
nal
®
Feb
ruar
y 20
17
Compliance & Ethics Institute
The Society of Corporate Compliance & Ethics 16th Annual
October 15-18, 2017 · Caesars Palace
Early BirdRegister by June 5 to Save up to
$575
Learn more and register at complianceethicsinstitute.org
Join us in Las Vegas! 1700+ ATTENDEES
8 LEARNING TRACKS
150+ SPEAKERS
100+ SESSIONS
AGENDA NOW AVAILABLE
Since the fall of the Safe Harbor regime in October 2015, and notwithstanding Privacy Shield, we have seen a rise in
the popularity of the EU Standard Contractual Clauses (SCCs). Presenting clients with Data
Processing Agreements alongside SCCs has become standard practice for major US-based service providers.
But the SCCs are now under threat in the European Court of Justice (CJEU) and challenged by the same arguments that brought down Safe Harbor.
The legal challengeTo explain the background to the legal challenge of the SCCs, the European Charter of Fundamental Rights (Charter) gives individuals certain rights, such as the rights to:
· respect for private life and family life, home, and communications under Article 7;
· the protection of personal data under Article 8; and
· an effective remedy for violation of Charter rights under Article 47.
Safe Harbor was brought down by the argument that there was significant over-reach of indiscriminate state surveillance practices in the U.S. without appropriate safeguards. Such practices were inconsistent with Articles 7, 8, and 47 of the Charter, and the U.S. was held not to provide adequate protection of the personal data of EU citizens. The same arguments form the basis of the complaint against the SCCs. The SCCs are a contract
that guarantees adequate safeguards for EU citizens’ personal data in any country.
What can we expect next? Depending on what the courts decide, we might see the following changes to the SCCs:
· more detailed contractual provisions about EU citizens’ rights and recourse mechanisms;
· rights directly enforceable by EU citizens; · submission of the non-EEA data importer
to the jurisdiction by EU authorities; · mandatory notification of SCCs and
register of data importers; · mandatory use of encryption for data
in transit; · a list of countries which are deemed
by the Commission as not providing adequate protection due to excessive surveillance; and
· bilateral treaties in relation to the safeguarding of EU citizens’ personal data with third countries. ✵
Robert Bond ([email protected]) Partner & Notary Public, Bristows LLP in London, UK.
by Robert Bond, CCEP
Will the EU Model Clause survive?
EU COMPLIANCE AND REGULATION
Bond
Safe Harbor was brought down by the argument that there was significant over-
reach of indiscriminate state surveillance practices in the
U.S. without appropriate safeguards.