On July 26, 2016, the body of European Data Protection Authorities (DPAs)—the "Article 29 Working Party" (WP29)—issued a statement commending the improvements made to the EU-U.S. Privacy Shield (Privacy Shield). Although the...more
On July 12, 2016, the EU Commission and the U.S. Secretary of Commerce announced the adoption of the EU-U.S. Privacy Shield (Privacy Shield). This announcement follows today's adequacy decision by the College of EU...more
7/13/2016
/ Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
International Data Transfers ,
Model Contracts ,
Ombudsman ,
Schrems I & Schrems II ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
On July 6, 2016, the European Parliament adopted the first-ever pan-European law on cyber security. The law, entitled the "Directive on the Security of Network and Information Systems" (NIS Directive), imposes security...more
On June 29, 2016, the U.S. Department of Health and Human Services (HHS) announced a Resolution Agreement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), settling charges that CHCS failed to...more
On June 30, 2016, the Federal Trade Commission (FTC) issued an interim final rule that substantially increases the maximum civil penalties for violations of the competition and consumer protection laws enforced by the FTC...more
Two recent developments have significantly increased the already uncertain legal landscape surrounding transatlantic data flows. Earlier today, the EU Parliament voted out a resolution calling on the European Commission (EU...more
On April 14, 2016, the European Parliament formally adopted the General Data Protection Regulation (GDPR). With this vote, the new EU data protection legal framework will become legally effective in two years and 20 days from...more
On April 13, 2016, the body of European Data Protection Authorities (DPAs)—the "Article 29 Working Party" (WP29)—issued its opinion on the new EU-U.S. Privacy Shield.1 The WP29 acknowledged that progress has been made with...more
On February 23, 2016, the Federal Trade Commission (FTC) announced a settlement with computer hardware maker ASUSTeK Computer, Inc. (ASUS).1 The ASUS settlement highlights the FTC’s position regarding security in the...more
With a new year come exciting new developments in the world of privacy and data protection. We are thrilled to announce the launch of the digital version of The WSGR Data Advisor. Please visit our site for the latest news and...more
On February 3, 2016, the body of European data protection regulators—called the "Article 29 Working Party" (WP29)—issued a statement following the announcement of a political agreement regarding a new transatlantic data...more
On February 2, 2016, the European Commission (EU Commission) announced that a political agreement on a new legal framework for data transfers has been reached between the European Union (EU) and the U.S.1 Today's agreement...more
On December 15, 2015, the European Parliament and the Council of the European Union (Council) reached a political agreement on the future EU data protection legal framework. This is a significant step towards adoption of the...more
The last two months certainly have been eventful in the world of privacy. In this issue of The WSGR Data Advisor, we examine the Court of Justice of the European Union’s recent and highly significant Schrems decision that...more
11/20/2015
/ Comcast ,
Cybersecurity ,
EU ,
EU Data Protection Laws ,
Federal Trade Commission (FTC) ,
HIPAA Audits ,
PCI-DSS Standard ,
Schrems I & Schrems II ,
Securities and Exchange Commission (SEC) ,
Security and Privacy Controls ,
Technical Conference ,
US-EU Safe Harbor Framework
On October 16, 2015, the body of European data protection regulators (Article 29 Working Party or WP29) issued a statement on the implementation of the judgement of the Court of Justice of the European Union (CJEU) in...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Model Contracts ,
Popular ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Today, the Court of Justice of the European Union (CJEU), the EU's highest court, issued a groundbreaking decision that invalidates the EU-U.S. Safe Harbor program. Given the widespread reliance on the Safe Harbor framework...more
Today, the Advocate General of the Court of Justice of the European Union (CJEU, the EU's highest court) issued a far-reaching opinion1 that has significant implications for the EU-U.S. Safe Harbor program and data transfers...more
In this issue of The WSGR Data Advisor, we examine the FCC’s recent TCPA declaratory ruling and order addressing issues regarding calling and texting consumers, and discuss the new privacy, data security, and transparency...more
9/11/2015
/ Auto-Dialed Calls ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Declaratory Rulings ,
Department of Health and Human Services (HHS) ,
Drones ,
Electronic Medical Records ,
EU ,
FCC ,
Federal Trade Commission (FTC) ,
New Legislation ,
Online Privacy Protection Act ,
Security and Privacy Controls ,
TCPA ,
Technical Standards ,
Text Messages
September 8, 2015 On September 2, 2015, the Federal Trade Commission (FTC) announced its first settlement with an online video marketer over an alleged failure to disclose paid endorsements. The FTC settled with Machinima,...more
On June 30, 2015, the Federal Trade Commission (FTC) announced the first two events of its new "Start with Security" business education initiative to provide additional guidance on data security best practices. The first...more
On June 15, 2015, the Ministers of Justice of all 28 European Union member states, sitting as the Council of the EU (Council), reached a crucial agreement for the future EU data protection legal framework. Much work still...more
On May 25, 2015, the French data protection authority (CNIL) published its annual inspection program for 2015, unveiling its objectives and priorities for the year. This alert highlights the main priorities of the CNIL for...more
5/29/2015
/ BCRs ,
CNIL ,
Data Collection ,
Data Protection ,
EU ,
France ,
Mobile Payments ,
Popular ,
Privacy Laws ,
Technology ,
Wifi
Organizations in the United States that certify to the U.S.-EU Safe Harbor Framework to transfer and receive personal data about residents of the European Union must annually reaffirm to the U.S. Department of Commerce that...more
All businesses acting in the mobile ecosystem—including app developers, analytics companies, advertising networks, app platform providers, and providers of devices and related services—should be aware that the Digital...more
In this issue:
- Privacy and Data Security in Transactions: What's the Deal?
- Consumer and Financial Institution Class Actions Survive Motions to Dismiss in Target Data Breach Litigation
- California Amends...more
2/24/2015
/ Breach Notification Rule ,
Consumer Financial Protection Bureau (CFPB) ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Protection ,
Financial Institutions ,
Internet ,
Internet of Things ,
Mobile Apps ,
Target