Your binder contains too many pages, the maximum is 40.
We are unable to add this page to your binder, please try again later.
This page has been added to your binder.
Covington has extensive experience assisting with cross-border transfer issues, including advising on binding corporate rules (BCRs) and on the “Safe Harbor” regime for data transfers from the EU to the U.S. In the past few years alone, we have assisted a number of clients in preparing their BCR submissions, enabled numerous companies to enroll in or re-certify to the Safe Harbor, and have prepared and filed (where necessary) international data transfer agreements in most EU jurisdictions. In addition, the Covington team is expert in the Cross Border Privacy Rules (CBPR) System deployed by the Asia-Pacific Economic Cooperation (APEC) economies.
Covington’s experience with BCRs is especially substantial. Our experience encompasses all stages of BCRs, from assisting clients with internal preparation of the company, the designation of a lead authority, the drafting of the BCRs and supporting documentation, the submission of the BCR application with the lead authority and subsequent implementation, including national registration and roll-out of the individual elements of the BCR package.
Advising numerous companies on Binding Corporate Rules (BCRs), including Processor Rules. We help develop the BCR corpus and manage the entire approval process before the lead data protection authorities in several EU Member States including Belgium, Germany, Luxembourg and the UK.
Representing Merck in one of the first “test” cases involving interoperability between BCRs and APEC’s Cross-border Privacy Rules (CBPR). The case will establish a precedent for cross-border transfers of personal data for both the EU and Asia-Pacific Region.
Assisting GSK plc in its adoption of Binding Corporate Rules (BCRs) in order to permit the company to transfer personal data globally. We helped develop GSK’s privacy compliance program, obtain the UK data protection authority’s approval and continue assisting GSK during the subsequent implementation.
Assisting a multinational manufacturer of heavy equipment in the adoption of BCRs.
Assisting a multinational manufacturer of machinery in the developing of BCRs.
Assisting a global e-commerce company in preparing and filing BCRs with the Luxembourg data protection authority.
Managing a privacy audit of a U.S.-based multinational in the oil and gas industry in preparation for its BCR approval with the Dutch data protection authority as the lead authority, including reviewing and providing advice on the BCRs and the implementation strategy and assisting this client in the preparation and roll-out of various compliance tools in the framework of the BCRs.
Managing and acting as the liaison for a group of U.S. based multinationals that have put BCRs in place and exchange their BCR experience.
Reviewing and amending BCRs for a Swiss-based pharmaceutical company with the French data protection authority acting as the lead authority.
Assisting a multinational manufacturer of products for the aerospace and building industries in developing BCRs.
Advising a multinational chemicals company on international data transfers.
Helping numerous companies self-certify under the Safe Harbor framework.
Conducted a detailed review of the human resources operations of a large pharmaceutical company to assess compliance with data protection and privacy laws and regulations in both the U.S. and EU, in anticipation of possible certification under the U.S.-EU Safe Harbor regime. Our extensive written report described potential compliance issues and recommended specific remedial actions.
Serving as global privacy and data security counsel to a global e-commerce business, including advising on financial services privacy and information security-related aspects of certain mobile payments and mobile wallet services and international data transfers
April 12, 2017, Covington Alert
On April 11, 2017, the Cyberspace Administration of China (“CAC”) released a draft of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Draft Measures”) for public comment (official Chinese version available here; Covington’s translation of the Draft Measures is appended at the end of this alert).
March 30, 2017, Business Forums International Ltd.
April 12, 2016, Law360