1. Home
  2. |Insights
  3. |EU Member States Approve EU-U.S. Privacy Shield

EU Member States Approve EU-U.S. Privacy Shield

Client Alert | 1 min read | 07.08.16

Today, the European Union (EU) Member States in their function as the Article 31 Committee approved the final version of the EU-U.S. Privacy Shield, the new framework for transatlantic data transfers. It is set to replace the U.S.-EU Safe Harbor which the European Court of Justice invalidated in October 2015. Today’s vote by the Article 31 Committee, which was an important prerequisite for the formal adoption, paves the way for the European Commission’s adequacy decision, which is expected to take place early next week. The European Commission stated that, “Both consumers and companies can have full confidence in the new arrangement, which reflects the requirements of the European Court of Justice. Today’s vote by the Member States is a strong sign of confidence.” The European Commission also noted that during the adoption process it consulted as broadly as possible, “taking on board the input of key stakeholders, notably the independent [Member State] data protection authorities and the European Parliament.” The Commission likely hopes its final consultations and changes will satisfy potential opponents to the new program.

Insights

Client Alert | 2 min read | 07.15.26

CMMC Phase II Suspension Requires Reconsideration of Such Requirements in Solicitations

As discussed in more detail here, the U.S. Department of War (DoW) recently issued a memorandum (Memo 26-P-1023, dated July 13, 2026) directing the immediate suspension of Cybersecurity Maturity Model Certification (CMMC) Phase II requirements (Level I and II self assessments are still permitted). Significantly, the memo directs that “all pending and future CMMC implementation milestones across DoW solicitations and contracts are held in abeyance until further notice.” Moreover, the DoW issued a memorandum on implementing these requirements (available here), directing agencies to issue amendments removing CMMC Level 2 and 3 requirements from active solicitations “as soon as practicable.” Contractors should monitor the government’s compliance with this requirement and should be prepared, if needed, to file a bid protest to protect their rights....