The last two months certainly have been eventful in the world of privacy. In this issue of The WSGR Data Advisor, we examine the Court of Justice of the European Union’s recent and highly significant Schrems decision that invalidated the U.S.-EU Safe Harbor framework. We also present the third article in our series discussing the importance of data considerations in the transactional context with a look at privacy and data security due diligence. And, we explore two recent settlements with the California Attorney General, including the largest privacy settlement on record.

From the regulatory side, we provide a recap of the FTC’s first “Start with Security” conference, we discuss recent data security guidance from the SEC, we detail guidance from The PCI Security Standards Counsel on responding to a data breach, and we examine the permanent HIPPA privacy and security audit program, which will be launched in early 2016. Finally, we discuss another landmark decision in the EU addressing the territorial scope of application of national data protection laws.