Although all fifty states now have data breach notification statutes on the books, a smaller but growing number of states have adopted substantive data privacy laws. The recently passed California Privacy Rights Act (CPRA)...more
The major current cybersecurity story involves a popular SolarWinds network managing software package, Orion. A sophisticated actor, with the signatures of a nation state, infiltrated Orion in a software update. Once inside,...more
A federal court has held that neither the work product nor attorney-client privilege doctrines shield a cyber expert’s report from discovery....more
2020 was a year like no other. From an unprecedented “work from home” shift to a blockbuster European court ruling to a mammoth cyber attack, businesses scrambled to adapt to an endless series of cyber challenges. 2021 shows...more
1/20/2021
/ Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Popular
The UK left the EU on January 31, 2020. On Christmas Eve, the two parties signed a Trade and Cooperation Agreement. Under the Agreement, EU personal data can be processed in the UK for six months. The European Commission will...more
Data Transfer from the European Union to the United States is a knotty process. The difficulties were compounded this summer when Europe’s highest court held the “Privacy Shield” program enabling U.S-E.U. data transfers...more
11/25/2020
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information
We have previously written about “phishing.” Phishing involves using social pressure to trick the recipient to send sensitive information, network control, or credentials, to hackers posing as authorized users....more
In 2015, the European Court of Justice struck down Safe Harbor, the legal device that enabled data transfers from the European Union to the United States. This summer, Safe Harbor’s successor, Privacy Shield, may meet the...more
Data privacy regulation tends to take one of two general approaches. In most of the world—but not in the United States—the approach is usually characterized as “omnibus.” Under an omnibus regime, privacy rights are defined at...more
The United States has traditionally taken a libertarian approach to data privacy: “what is not forbidden is permitted.” Outside sensitive sectors such as health (HIPAA) and finance (GLBA), the United States was historically...more
12/20/2016
/ Corporate Counsel ,
Data Privacy ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
National Security ,
Popular ,
Safe Harbors ,
Schrems I & Schrems II