Enforceable in all EU member states on 25 May 2018, the General Data Privacy Regulation will require action by organisations both inside and outside the European Union to ensure compliance with this far-reaching privacy legal...more
This article briefly introduces the emerging regulatory framework for autonomous and connected vehicles in the US and in certain key jurisdictions around the world, with particular emphasis on regulations pertaining to...more
1/23/2018
/ Australia ,
China ,
Cybersecurity ,
DRIVE Act ,
Driverless Cars ,
EU ,
France ,
Germany ,
Japan ,
Motor Vehicles ,
NHTSA ,
UK
The Illinois Biometric Information Privacy Act is having its moment. At least 32 class action lawsuits have been filed by Illinois residents in state court in the past two months challenging the collection, use and storage of...more
The validity of Model Clauses for EU personal data transfer to the United States is now in real doubt as a result of a new Irish High Court opinion stating that there are “well founded grounds” to find the Model Clauses...more
The US Department of Transportation’s National Highway Traffic Safety Administration recently released A Vision for Safety 2.0, an update to its prior guidance on automated driving systems. The new guidance adopts a...more
New cybersecurity regulations issued by the NYDFS define the nonpublic information they regulate in exceptionally broad terms. This expanded definition of Nonpublic Information will create major challenges for regulated...more
On 6 August 2017, the UK government released ‘The Key Principles of Vehicle Cyber Security for Connected and Automated Vehicles’, guidance aimed at ensuring minimum cybersecurity protections for consumers in the manufacture...more
The government is continuing to ask for more help from the private sector to defend against cyber attacks. The National Infrastructure Advisory Council (NIAC) recently published a report discussing current cyber threats and...more
Nationalism and Cross-Border M&A: Navigating Populist Politics in Deal Making -
More than half of the G20 countries voted-in campaigns that focused on harming foreign, outside interests as a means to strengthen domestic...more
9/5/2017
/ ACOs ,
Acquisitions ,
Arbitration ,
Arbitration Awards ,
Artificial Intelligence ,
China ,
Customer-Loyalty Programs ,
Data Breach ,
Data Controller ,
Data Privacy ,
Due Diligence ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Care Providers ,
Hospitals ,
India ,
Joint Venture ,
Long-Term Investment Funds ,
Mergers ,
Personal Data ,
Shareholders ,
UK
Privacy Shield Implementation and How-To Kit from McDermott Will & Emery -
Japanese companies may have European branches or subsidiaries that send personal data to the US or that may be accessed by entities in the US,...more
The forthcoming General Data Protection Regulation will expand the legal obligations of companies that process EU personal data when they suffer a data breach. Every company faces the risk of a data breach that might trigger...more
In today’s digital age, data privacy and security incident response plans are critical. Companies need to have a well-designed cybersecurity plan to protect their systems from attacks and respond to a crisis when they are...more
A recent decision from a federal court in California found that a retail pharmacy’s “flu shot reminder” calls to mobile phones fall within the FCC’s TCPA safe harbor for exigent health care treatment messages. But the holding...more
The European Commission recently determined that the Privacy Shield Framework is adequate to legitimize data transfers under EU law, providing a replacement for the Safe Harbor program. The Privacy Shield is designed to...more
8/31/2016
/ Binding Corporate Rules ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Model Clauses ,
Notice Requirements ,
Personal Data ,
Private Right of Action ,
Self-Certification ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
The US Department of Health and Human Services (HHS) has recently issued guidance under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and...more
8/8/2016
/ Breach Notification Rule ,
Business Associates ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Guidance ,
PHI ,
Ransomware ,
Software