When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
Is it hyperbolic to say that never before have we seen a quieter, yet more anticipated and welcome end to a year than in 2020? For some, 2020 is a year the sooner forgotten, the better. In data privacy and security law, a lot...more
Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more
The European Union announced on October 26, 2015, that it had reached an agreement “in principle” with the United States on a new transatlantic data-sharing pact—though a final agreement between the parties is likely still...more
On October 20, the U.S. House of Representatives passed the Judicial Redress Act (the “Act”) to allow European Union residents to challenge certain privacy violations by the U.S. government in U.S. courts. If passed by the...more
New California Employment Laws on Fair Pay, Waiver of Meal Periods - Why it matters: California continues its focus on employment-related legislation. Touted as the toughest law of its kind in the nation, Senate...more
Over the course of the coming weeks, we will examine the various options available to companies in light of the European Court of Justice’s (CJEU) decision invalidating the US-EU Safe Harbor framework, including model...more
With EU Safe Harbor Invalidated, Companies Ask: What Now? - What happens now?: That is the question that businesses across the country are asking after the Court of Justice of the European Union (CJEU) threw out the...more
The Judicial Redress Act of 2015 (H.R. 1428) (Judicial Redress Act) is on its way to the U.S. Senate. On October 20th, the U.S. House of Representatives voted in favor of passage. The Judicial Redress Act extends...more
As all of our readers know by now, as of October 6, the US-EU Safe Harbor Framework is no more. Safe Harbor was the mechanism on which thousands of US companies (and thousands of companies based in the European Union)...more
On October 20, 2015, the Irish High Court ordered the Irish Data Protection Commissioner (DPC) to investigate Facebook’s European data privacy practices, bringing Max Schrems’ three-year fight full circle. The Court quashed...more
As we wrote on October 6, 2015, the Court of Justice of the European Union (CJEU) announced its invalidation of the U.S.-EU Safe Harbor program as a legally valid pathway for transferring personal data of European Union (EU)...more
Just one week after the milestone decision rendered by the CJEU to invalidate the Safe Harbor program established 15 years ago between the U.S. and the EU to facilitate the transfer of personal data from the EU to the U.S., a...more
A landmark decision of the European Court of Justice (ECJ) has held that companies may no longer rely on “Safe Harbour” to justify transferring personal data from the European Union to the US, because the US Government has a...more
The so-called “Article 29 Working Party” of EU Data protection officials from the 28 EU member states today released a much-anticipated press release regarding the Court of Justice of the European Union (CJEU) landmark...more
In a concise statement, the Article 29 Working Party (WP29), a consortium of European Data Protection Authorities (DPAs), released a position paper today about the landmark ruling of the European Court of Justice in...more
On October 16, 2015, EU authorities gave the U.S. and European Union until the end of January 2016 6o find a replacement for the former US-EU Safe Harbor regime, or enforcement actions could begin. The full statement of the...more
Since the Article 29 Working Party on the Protection of Individuals (“WP29”) announced last week that it would it shortly issue a statement on the landmark CJEU ruling invalidating the Safe Harbor Decision (Schrems v. Data...more
Last week, the Court of Justice of the European Union (CJEU) gave an important ruling which any business transferring personal data between the EU and the United States should know about — in particular those that make use of...more
Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more
The EU Parliament committee that is charged with considering data protection matters (LIBE) has issued a press release calling on the European Commission to take action before the end of 2015 to come up with alternatives to...more
With the recent ruling that the Safe Harbor programme is invalid under European law, life sciences companies will need to review their strategies when exporting patient data to the United States....more
In a recent landmark decision, Maximillian Schrems v. Data Protection Commissioner, Europe’s highest court struck down a US-EU agreement that allowed companies to move personal electronic data between the European Union and...more
The European Union’s highest court has, effective immediately, invalidated the US-EU Safe Harbor program relied upon by many companies as the basis for lawfully transferring and processing personal information from the EU to...more