Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
On May 21, 2024, France adopted law No. 2024-449 to secure and regulate the digital space. This law grants new enforcement powers and authority to the French Data Protection Authority (CNIL), including to seize documents,...more
Mayer Brown Partners Ana Bruder, Justin Herring, and Oliver Yaros focus on cybersecurity risks and regulations in the EU and UK. They explore third-party risks, ransomware incidents, and the impact of AI, while examining how...more
Beginning October 12, 2023, the UK-U.S. Data Bridge will allow UK companies to transfer personal data to the United States using the new EU-U.S. Data Privacy Framework....more
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concluded that the United States does ensure an adequate level of protection for transferring...more
On 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (the DPF). With immediate effect, the adequacy decision provides a new lawful basis for transfers from...more
On July 10, 2023, the European Commission (“Commission”), which oversees and implements policies and laws of the European Union (“EU”), adopted an adequacy decision for the long-awaited EU-U.S. Data Privacy Framework...more
On June 28, 2023, the European Commission (EC) published a Proposal for a Regulation on Financial Data Access (FIDA). FIDA aims to create a framework through which data holders (e.g., banks, credit institutions) share the...more
Updated June 2023 - The BCLP Data Privacy & Security team is tracking EU law developments relevant to data and cyber security. This tracker summarizes the effect and status of the following: the Digital Services Act, the...more
For American companies doing business in Europe and European businesses relying on U.S. vendors and service providers, 2023 may be the year when Europe and the United States finally come together to implement a viable and...more
On 10 November 2022, the European Parliament approved two significant pieces of cybersecurity legislation: The Network and Information Security 2 Directive (“NIS2”); and The Digital Operational Resilience Act (“DORA”)....more
Businesses today are data driven and data dependent, but the rules that govern how data can be used and shared across borders are becoming increasingly tricky for international organizations to navigate, subject to constantly...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
Das Portal fragdenstaat.de (Link) hat einen Fragebogen der Hamburgischen Datenschutzbehörde veröffentlicht, mit Hilfe dessen die Behörde die Umsetzung des Schrems-II-Urteils exemplarisch am Einsatz von Office 365 überprüft....more
On December 15, 2020, the European Commission (EC) unveiled a set of proposals to regulate digital platforms. The draft laws include antitrust-related requirements, addressed by the Digital Markets Act (DMA) and more general...more
Meet the Euro-crats who think that the European Union needs to behave more like Russia and China. More like Nigeria, Kazakhstan, and Indonesia. These leaders are pushing not just to punish U.S. firms for successfully...more
In September 2020, the UK government published its National Data Strategy (“NDS”), aiming to use data to boost the UK economy and to “unlock the power of data for the UK,” particularly in light of Brexit. The NDS is intended...more
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
More than 60 U.S. and global data protection authorities and governmental agencies have issued guidance on health data collection, COVID-19 diagnosis disclosure, work-at-home practices, and return-to-work approaches. The...more
Under GDPR, companies are required to keep certain records of their processing activities. There has been some question about the types of records controllers should keep. To help clarify the questions arising from many...more
A year ago, on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into force. With its extraterritorial scope and detailed requirements, the GDPR aimed to change the approach to personal data...more
Dear GDPR, Before you were born, you already attracted a lot of attention, after all, not everyone is born over two years after they are conceived and has 28 parents! And your parents had to ?resist an enormous pressure...more
The European Union’s (EU) ambitious and far-reaching regulation, the General Data Protection Regulation (GDPR), became effective on 25 May 2018. On the one-year anniversary, we reflect on some of the principal developments...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
As we previously reported the EU and Japan reached a tentative deal last summer to ease data transfer restrictions between them. That deal has now been approved by both the European Commission and by Japan and is effective...more
Six months have now passed since the implementation of the EU General Data Protection Regulation (GDPR). The GDPR has raised awareness of the importance of personal privacy as a fundamental right and placed data protection...more