Steven Farmer

Steven Farmer

Pillsbury Winthrop Shaw Pittman LLP

Contact  |  View Bio  |  RSS

Latest Publications


Top EU Court’s Ruling Subjects Companies Doing Business Across Europe To “New Sanctions” in Potentially Unfamiliar Jurisdictions

The Court of Justice of the European Union (CJEU) has been very busy in recent weeks re-shaping EU privacy laws. In addition to the much-anticipated decision in “Schrems” (Case C-362/14), which essentially rules the US-EU...more

10/29/2015 - Compliance Cybersecurity Data Protection Debt Collection European Commission European Court of Justice (ECJ) Hungary International Data Transfers Member State Personal Data Privacy Laws Right to Privacy Sanctions US-EU Safe Harbor Framework

With Safe Harbor now “Invalid,” Companies Must Change Data Practices

Europe’s top court ruled that U.S. companies relying upon the “Safe Harbor Framework” data sharing regime to maintain information regarding EU citizens is “invalid.” This means that any company relying upon the Safe Harbor...more

10/8/2015 - Binding Corporate Rules Data Protection European Court of Justice (ECJ) International Data Transfers National Security NSA Personal Data PRISM Program Privacy Policy Right to Privacy Safe Harbors Schrems v Data Protection Commissioner US-EU Safe Harbor Framework

The UK Appoints New Anti-Corruption Unit: A Look at the Global Ramifications

Given London’s role in international business and finance, the UK Bribery Act 2010 promised to form a potential strong counterpart to the U.S. Foreign Corrupt Practices Act (FCPA). Now, the UK government is taking steps which...more

8/27/2015 - Anti-Corruption Enforcement Actions FCPA International Corruption Unit (ICU) SFO UK UK Bribery Act

Cybersecurity and the Aviation Sector: Recent Incidents Highlight Unique Risks

Given the range of threats and the catastrophic impact an attack could have on an airline, strategizing to reduce the risk of breaches and implementing plans to deal with them once they occur should be prioritized at board...more

8/26/2015 - Aviation Industry Cybersecurity Data Breach Hackers

Global App Enforcement Sweep - Lessons For Developers

A recent survey of over 1,200 of the top mobile apps in 19 countries by the Global Privacy Enforcement Network ("GPEN") has found that 85% of the apps reviewed were non-compliant, failing to provide even the most basic...more

11/10/2014 - Data Protection Enforcement Enforcement Actions GPEN Mobile Apps

European “Cookie Sweep” Initiative – 15 - 19 September 2014 – Is Your Website Ready?

The European data protection authorities will be conducting a “cookie sweep” later this month, carrying out random spot checks on websites to assess for compliance with EU “cookie” laws. Businesses should therefore be...more

9/9/2014 - Audits Cookies EU Websites

The EU Article 29 Working Party's Guidance on the "Legitimate Interest" Ground for Processing Personal Data

When precisely is a data controller lawfully permitted to process personal data? If a data controller does not have the consent of a data subject to process his or her data, when does the “legitimate interest”...more

8/12/2014 - Cybersecurity Data Controller EU EU Directive Legitimate Business Interest Personally Identifiable Information Prior Express Consent

2014 Sees The First Fines For Violations Of EU Cookie Laws

Much has been said about the EU "Cookie" laws introduced by an amendment to the Privacy and Electronic Communications Directive in 2011. Companies with European customers (including those in the US) have grappled with the...more

3/18/2014 - Cookies Cybersecurity Data Protection EU EU Data Protection Laws

Personal Data Transfers from the European Economic Area: Binding Corporate Rules Emerge as Increasingly Attractive Option

It is difficult to recall a time when the issue of personal data transfers from the European Economic Area ("EEA") has been as widely and hotly debated as it has over the past year or so. Significant movements during the past...more

2/26/2014 - Cybersecurity Data Protection Edward Snowden EU EU Data Protection Laws NSA

U.K. Court of Appeal’s Award of Compensation for Distress to an Individual Following a Breach of the Data Protection Act: Opening...

Whilst regulatory action by the U.K. Information Commissioner’s Of?ce (‘‘ICO’’) is relatively commonplace and well reported following data breaches, particularly since the ICO was granted powers to issue on the spot ?nes for...more


New watchdog study shows that approximately half of all web privacy policies are non-compliant and risk enforcement action

It has been said for some time that data is the new oil, but many global organizations continue to struggle to comply with regulatory requirements when it comes to the exploitation of this valuable resource....more

9/5/2013 - Data Collection Data Protection GPEN Personally Identifiable Information Privacy Policy Websites

Personal Data Transfers from the European Economic Area: Time to Consider Binding Corporate Rules 2.0

What exactly is the '"best" solution for an international business needing to handle and transfer personal data across borders? This has become an increasingly important and common question as business becomes more...more


The Emergence of an Implied Duty of Good Faith in Contracts Governed By English Law

One of the issues that distinguishes U.S. law from English law is the concept of an implied contractual duty of good faith. While U.S. law has embraced this concept, it was believed that English law had not. However, as a...more

3/6/2013 - Covenant of Good Faith and Fair Dealing

New Binding Corporate Rules Now Available for Data Processors

In a further push towards “privacy by design,” the Article 29 Working Party, which is made up of representatives from the various EU data protection authorities, has recently approved the use of Binding Corporate Rules...more

1/28/2013 - Binding Corporate Rules Data Processors Data Protection EU European Commission International Data Transfers

Processing personal data in Europe? New Binding Corporate Rules for data processors since 1 January 2013

On 1 January 2013, over 4 years after the idea was first discussed, new Binding Corporate Rules (BCRs) for data processors were launched following a meeting of European data protection authorities....more

1/14/2013 - BCRs Data Protection EU Data Protection Laws

15 Results
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.