The Court of Justice of the European Union (CJEU) – the European Union’s equivalent to the US Supreme Court – has issued a very important ruling with respect to cookie compliance that may require re-evaluation of your cookie...more
10/3/2019
/ Cookies ,
Data Collection ,
Data Processors ,
Data Protection Authority ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
Personal Data ,
Popular ,
Prior Express Consent ,
Social Media ,
Website Owner Liability ,
Websites
We are now in the 10-day countdown to the GDPR enforcement date that we’ve been talking about since 2015. If you are a charter member of Procrastinators Anonymous, or just secretly hoped that this would all go away, the sands...more
5/16/2018
/ Breach Notification Rule ,
Cybersecurity ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Vendor Contacts
“Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks to the European Union’s General Data Protection Regulation (“GDPR”) (50 days and counting…) and its codification of...more
4/5/2018
/ Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Risk Management
We’ve discussed privacy compliance with regulations, legal requirements, etc. in the space since this blog’s inception. “Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks...more
2/21/2018
/ Chief Information Security Officer (CISO) ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy
In case you had not heard, the European Union is replacing its current privacy laws with a new, comprehensive General Data Protection Regulation (GDPR), which takes effect May 25, 2018. The essential principles of the EU’s...more
2/13/2018
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Health Care Providers ,
International Data Transfers ,
Life Sciences ,
Medical Records ,
Personal Data ,
Personally Identifiable Information ,
Third-Party Service Provider ,
US-EU Safe Harbor Framework
Decisions you make when founding and/or investing in an insurtech venture can dictate your regulatory obligations, tax liability, operational structure and, ultimately, profitability.
Here are five seemingly simple...more
7/11/2017
/ Data Breach ,
Data Privacy ,
Department of Financial Services ,
EU Data Protection Laws ,
Insurance Industry ,
Insuretech Sector ,
Investors ,
NYDFS ,
Popular ,
Profits ,
Startups ,
Tax Liability ,
Venture Funding
Even president-elect Donald Trump has been the victim of a data breach. Several times actually. The payment card system for his Trump Hotel Collection was infected by malware in May 2014 and 70,000 credit card numbers were...more
According to press reports, European Union and U.S. negotiators in Brussels finalized what is being called a “political agreement” on a new Safe Harbor transatlantic data transfer agreement. European Union justice...more
As all of our readers know by now, as of October 6, the US-EU Safe Harbor Framework is no more. Safe Harbor was the mechanism on which thousands of US companies (and thousands of companies based in the European Union)...more
10/22/2015
/ Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Israel ,
Model Contracts ,
Personal Data ,
SCC ,
Schrems I & Schrems II ,
Switzerland ,
US-EU Safe Harbor Framework
On October 20, 2015, the Irish High Court ordered the Irish Data Protection Commissioner (DPC) to investigate Facebook’s European data privacy practices, bringing Max Schrems’ three-year fight full circle. The Court quashed...more
10/21/2015
/ Article 29 Working Party (WP29) ,
Data Privacy ,
Data Protection Authority ,
Data Protection Commissioner ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
International Data Transfers ,
Ireland ,
Legal Costs ,
Motions to Quash ,
Personal Data ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
The so-called “Article 29 Working Party” of EU Data protection officials from the 28 EU member states today released a much-anticipated press release regarding the Court of Justice of the European Union (CJEU) landmark...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Model Contracts ,
Personal Data ,
SCC ,
US-EU Safe Harbor Framework
The Court of Justice of the European Union (ECJ) has now declared Safe Harbor invalid – in total. The ECJ has sent the case back to the Irish Data Protection Authority to determine whether Facebook Ireland’s transfer of...more
10/7/2015
/ Cloud Computing ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Human Resources Professionals ,
International Data Transfers ,
National Security Agency (NSA) ,
PRISM Program ,
US-EU Safe Harbor Framework
We will be following up our post last week regarding the latest US-EU Safe Harbor decision out of Europe with further analysis both from the Mintz Privacy team and our international network of privacy specialists. Our...more
9/28/2015
/ Advocate General ,
Consent ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
Edward Snowden ,
EU ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
Welcome to our series, “The 12 Days of Privacy” as we look to “gifts” that may be received this season and some of the big issues ahead...more
Our series last year was a reader favorite, so we decided to put our prognosticator hats on again and present:
Rather than look back at 2014, starting tomorrow, the Privacy & Security blog will count down The 12 Days...more
12/9/2014
/ Automotive Industry ,
Cyber Insurance ,
Cybersecurity ,
EU Data Protection Laws ,
Hackers ,
Mobile Devices ,
OCR ,
Patient Privacy Rights ,
PHI ,
Proxy Season ,
V2V ,
Wearable Technology