On April 8, 2024, the FCC released a Further Notice of Proposed Rulemaking (FNPRM) seeking comment on a number of issues under the Safe Connections Act (SCA) specifically related to connected car services. As indicated by...more
The U.S. Department of Commerce's ("Commerce") Bureau of Industry and Security ("BIS") has issued a proposed rule (the "Proposed Rule") that would impose significant diligence, reporting, and recordkeeping requirements on...more
2/15/2024
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
IaaS ,
Know Your Customers ,
Machine Learning ,
Patent Infringement ,
Penalties ,
Proposed Rules ,
Reporting Requirements ,
Training ,
U.S. Commerce Department
Swiftly on the heels of the U.S. announcing it fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the Framework), the European Commission (the EC) formally recognized that commercial organizations...more
7/14/2023
/ Court of Justice of the European Union (CJEU) ,
Data Security ,
Department of Justice (DOJ) ,
Department of Transportation (DOT) ,
Enforcement ,
EU Data Protection Laws ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Liability ,
Notice Requirements ,
ODNI ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
US-EU Safe Harbor Framework
In a significant move toward replacing the invalidated Privacy Shield, the European Commission (EC) released a draft Adequacy Decision on December 13, 2022, concluding that the U.S. legal framework provides an adequate level...more
In March 2022, the US and EU announced they had agreed in principle to a new Trans-Atlantic Data Privacy Framework (Framework) intended to simplify transfers of personal information. After months of waiting for the final...more
The Court of Justice of the European Union (CJEU) issued a long awaited opinion yesterday (July 16, 2020) in Data Protection Commissioner v. Schrems1 finding the EU-U.S. Privacy Shield inadequate for lawfully transferring the...more
Internet-based email services, such as Gmail, are not subject to European telecom regulation, the European Court of Justice has ruled.
The decision is a partial setback for EU telecom regulators’ efforts to require OTT...more
Telephone calling apps, such as Skype, Viber and Google Hangouts, are subject to European telecom regulation, the European Court of Justice has ruled. Such services may now be required to comply with EU obligations that apply...more
New “e-Evidence Regulation” Gives Direct Police Access to Data Across EU Borders and Abroad -
The European Union will require tech companies to provide data to European investigators stored in another EU country or even...more
Beginning August 1, U.S.-based companies that self-certify their compliance with the EU-U.S. Privacy Shield will be able to import data under the new data transfer framework. But how can your company best...more
U.S. companies will be able to import data from the EU under the streamlined data transfer regime starting August 1
Personal data transfers from the European Union are about to get easier for U.S. companies.
On July...more
The push for the European Union and the United States to reopen negotiations over the EU-U.S. Privacy Shield may have just become a shove, due to a recent opinion released by the European Data Protection Supervisor (EDPS)...more
On May 26, 2016, the European Parliament passed a resolution (2016/2727 (RSP)) calling on the European Commission (EC) to reopen negotiations with the United States to improve perceived “deficiencies” in the EU-U.S. Privacy...more
On May 4, 2016, the final version of the European Union’s General Data Protection Regulation (“GDPR”) was published in the Official Journal of the EU. The GDPR, which will replace the EU’s current Data Protection Directive,...more
The world of privacy grows every day as more data goes through the cloud. The new trends and weekly data breaches make conferences like the Global Privacy Summit all the more relevant.
Earlier this month we went to...more
4/25/2016
/ Broadband ,
Data Breach ,
FBI ,
FCC ,
Federal Trade Commission (FTC) ,
FERPA ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Audits ,
Internet Service Providers (ISPs) ,
OCR ,
Privacy Concerns ,
Risk Assessment ,
Student Privacy ,
Unfair or Deceptive Trade Practices
On April 13, 2016, the Article 29 Working Party, comprised of European data protection regulators, issued its opinion on the European Commission’s proposed EU-U.S. Privacy Shield. The Working Party commended the European...more
On February 29 the European Commission released its Draft Adequacy Decision and supplemental documents on the EU-U.S. Privacy Shield (“Privacy Shield”), giving businesses that transfer data from the European Union to the...more
3/8/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
International Data Transfers ,
Personal Data ,
Popular ,
Safe Harbors ,
Schrems I & Schrems II
U.S. and EU officials have agreed on a Safe Harbor replacement just as a deadline from EU data protection authorities passed. However, the exact details of the new EU-U.S. Privacy Shield have not been released and...more
As has been widely reported, the U.S.-EU Safe Harbor – probably the most commonly used method for transferring personal data to the United States – has been invalidated by an EU court. The court’s decision has wide-ranging...more
10/8/2015
/ Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
A European court has taken an initial step toward invalidating the U.S.-EU Safe Harbor Framework, one of the primary means for transferring personal data of Europeans to the U.S. It adds more pressure on EU authorities and...more
Within the span of two days, both the Federal Trade Commission (FTC) and the U.S. Department of Justice announced initiatives meant to assuage the European Union’s concerns over trans-Atlantic data flows and to secure...more
The UK data protection watchdog has said that it will give search engines like Google some time to put measures in place to respond to requests to take down links in search results.
...more
This morning, the U.S. Department of Justice (DOJ) announced that a grand jury in the Western District of Pennsylvania has indicted five Chinese military officials on charges of computer hacking, economic espionage, and...more
Brazil’s long-debated “Internet Bill of Rights” has finally become law. The legislation, which passed the Brazilian Senate unanimously in April, is intended to secure equality of access to the Internet in Brazil—i.e., Net...more
The Court of Justice of the European Union, the highest court in the EU, declared the EU’s 2006 Data Retention Directive invalid in a judgment issued on April 8, 2014. The directive, which has been implemented via national...more