On September 15, 2022, the European Commission published its Proposal for a Cyber Resilience Act (CRA) which sets out new requirements for hardware and software products in the EU.
The CRA applies to hardware and...more
10/31/2022
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
ENISA ,
EU ,
EU Data Protection Laws ,
Hardware ,
Proposed Regulation ,
Regulatory Agenda ,
Regulatory Requirements ,
Software ,
Vulnerability Assessments
The European Commission has published its new Standard Contractual Clauses (“SCCs”) for international transfers of personal data.
We have pulled out a few key questions and answers to address immediate issues...more
On November 10, the European Data Protection Board (“EDPB”) released its “Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data” (the...more
11/17/2020
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
What Happened?
On October 1, 2020, the Hamburg Data Protection Commissioner (“Hamburg DPA”) fined clothing retailer H&M 37.8 million dollars (EURO 35.2 million) for several violations of the GDPR....more
10/14/2020
/ Data Breach ,
Data Collection ,
Data Management ,
Data Protection ,
Data Retention ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
H&M ,
Personal Data ,
Retailers
What Happened?
On October 1, 2020, the Hamburg Data Protection Commissioner (“Hamburg DPA”) fined clothing retailer H&M 37.8 million dollars (EURO 35.2 million) for several violations of the GDPR....more
10/13/2020
/ Corporate Counsel ,
Data Collection ,
Data Management ,
Data Protection ,
Data Retention ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
H&M ,
Personal Data ,
Retailers
Yesterday, the Court of Justice of the EU (“CJEU”) issued a judgment with two important outcomes: (1) invalidation of the U.S.-EU Privacy Shield as a basis for transfers of personal data from the EU to the U.S.; and (2)...more
The European Data Protection Board (“EDPB”) recently released Guidelines 3/2018 on the territorial scope of the GDPR (Article 3). ...more
11/28/2018
/ Cybersecurity ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Guidance ,
Personal Data ,
Popular ,
Public Comment ,
Regulatory Oversight ,
Regulatory Requirements