The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
No Password Required: LIVE From Sunshine Cyber Con
Key Point: The European Commission has adopted an adequacy decision for the EU-U.S. Data Privacy Framework, which allows certain businesses to transfer data from the EU to the U.S. without the need for additional transfer...more
On May 22, Ireland’s Data Protection Commission (DPC) announced that it had imposed a €1.2 billion fine on Meta Platforms for violating the European Union’s General Data Protection Regulation (GDPR) in its use of standard...more
On January 19, the Irish Data Protection Commission (DPC) announced the conclusion of an inquiry into the data processing practices of a U.S.-based messaging service’s Ireland operations and fined the messaging service €5.5...more
Meta Ireland (Meta) has recently been issued with two fines by the Irish Data Protection Commission (DPC) for breaches of the EU General Data Protection Regulation (GDPR) relating to advertisements run on its Facebook and...more
The guidance outlines steps that organizations should take to enhance data security as hybrid working and learning introduce new risks. On August 30, 2022, the Office of the Privacy Commissioner for Personal Data of Hong...more
This article discusses briefly the various possible liabilities for data protection breaches under China’s main laws, regulations and statutory instruments governing the protection of personal information. Introduction -...more
Ireland’s Data Protection Commission has imposed a fine of €225 million (more than $267 million) on WhatsApp, a popular messaging app owned by Facebook. Here are some key takeaways for companies subject to GDPR:.....more
Pathways for U.S. companies to transfer personal data out of the European Union have been repeatedly blocked by EU authorities concerned by what they perceive as gaps in data protection under U.S. laws. Schrems I invalidated...more
On December 15, 2020, Ireland’s Data Protection Commission (“DPC”) announced its decision to fine Twitter International Company (“Twitter”) €450,000 for failing to notify the DPC promptly of a data breach affecting EU...more
Cross-border and international discovery can be complicated. And the recent invalidation of the EU-U.S. Privacy Shield Program by the European Union Court of Justice in Irish Data Protection Commissioner v. Facebook Ireland...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Commission's second annual review of the Privacy Shield and the Department of Commerce's guidance on how to comply with the Privacy Shield...more
The Irish Data Protection Commissioner (DPC) has launched a public consultation on children and data protection issues. The consultation will have two streams: one aimed at adult stakeholders, and the other aimed directly...more
Following the recent legalization of cannabis, private retailers are open for business from coast to coast. While cannabis remains illegal in other jurisdictions, cannabis users' personal information is highly sensitive. In...more
In an important case involving Facebook, and instigated by an Austrian student in response to the Snowden revelations about US security agency access to mass data, the Advocate General (“AG”) to the Court of Justice of the...more