Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
Following a public consultation on an initial version released last January, the European Data Protection Board (“EDPB”) last month adopted a final version of its Guidelines on Examples regarding Personal Data Breach...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
Companies face substantial challenges in complying with breach notification requirements under Article 33 of the General Data Protection Regulation (GDPR). Article 33 requires a data controller to report a personal data...more
Key Recent Developments: - GDPR Goes Live in the EU with Global Reach and Tough New Data Breach Notification Requirement. Arizona and Other U.S. States Toughen Data Breach Notification Laws Amidst Escalating Cyber...more
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) took effect. Although EU laws typically don’t have a worldwide impact, the GDPR will impact business across the globe. The GDPR has an extremely...more
Personal data is currency in the new world, and while the United States uses a sectoral approach to data privacy, the European Union (EU) treats privacy as a fundamental right of its citizens. Therefore, where U.S....more
Article 35 of the GDPR provides for Data Protection Impact Assessments (DPIA). According to Article 35(1) a DPIA is required when “the processing [of data] is likely to result in a high risk to the rights and freedoms of...more
The European General Data Protection Regulation (GDPR) will apply directly in the UK from 25 May 2018, and will make some fundamental changes to the current requirements surrounding data protection. Key areas of change...more
The European Union (EU) General Data Protection Regulation (GDPR 2016/679) will take effect on May 25, 2018. This regulation provides general guidance on what is needed for compliance, however many policies and procedures are...more
U.S. companies now have to consider breach notification requirements under the GDPR in addition to data breach notification laws in the U.S. (enacted by 48 states and numerous regulators). Follow our chart to determine if...more
What is a ‘personal data breach’? First things first, what exactly is a personal data breach? The GDPR defines it as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised...more
The GDPR harmonizes data protection laws across the EU and updates the current 20-year-old regime to take account of globalization and the ever-changing technology landscape. It will apply not only to EU companies, but to...more
Carrie, A couple of weeks ago, you wrote me about an employee who will be engaging in a six-month temporary assignment around Europe to scope market opportunities. The employee was Abbie Absent-Minded. Well, we hit a...more
What makes data privacy law interesting for academics, challenging for lawyers, and frustrating for businesses its shape-shifting structure in the face of rapidly changing technology. The recent change in the invalidation of...more
In this issue: - Proposed California Law Would Impose Data Breach Liability on Retailers and Create More Stringent Data Security Requirements for Businesses - FTC Continues Its Aggressive FCRA Enforcement and...more