No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Our Privacy, Cyber & Data Strategy Team discusses the new Cyber Resilience Act (CRA) that affects manufacturers and distributors of connected devices that are in use anywhere in the European Union....more
Forming part of the EU’s broader digital and cyber security strategy, the new Network and Information Systems Directive 2022/2555 (NIS2) came into effect on 18 October 2024 (this being the deadline by which the directive is...more
Introduction It wouldn't be much of an exaggeration to say that NIS2 is the acronym on everyone's lips. When coupled with its European sister legislation DORA, we encounter a regulatory twosome that make GDPR feel like...more
The UK-US Data Bridge (the "Data Bridge") has now come into effect, potentially simplifying transfers of personal data from the UK to the US. On 12 October 2023, the Data Bridge took effect. The Data Bridge allows UK...more
On 10 July 2023, the European Commission adopted the adequacy decision for the EU-U.S. Data Privacy Framework (DPF). This decision enables the free flow of personal data from the EU and three EEA countries (Iceland,...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
On July 10, 2023, the European Commission (EC) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF, or “Privacy Framework”), which establishes the Privacy Framework as an authorized mechanism...more
CYBERSECURITY - Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP - Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
As of July 17, 2023, U.S.-based multinational employers that can access the personal data of their workforce members in the European Union (EU) via a human resources information system (HRIS), or otherwise transfer the...more
The U.S. Department of Commerce’s Data Privacy Framework (DPF) program website went live on July 17, and contains guidance documents for those companies wanting to know the costs and benefits of enrollment in the DPF...more
The European Union (EU) announced on July 10 that it had formally adopted the adequacy decision for the EU-U.S. Data Privacy Framework, which goes into effect on July 11. U.S. organizations have been without a...more
As we wrote in July 2020, the European Court of Justice issued a landmark decision that invalidated the Privacy Shield as untenable under the European General Data Protection Regulation (GDPR). The decision sparked...more
On Friday, March 25, President Biden and European Commission President Ursula von der Leyen announced a new agreement in principle for trans-Atlantic data flows. Although details about the new Trans-Atlantic Data Privacy...more
On 28 June 2021, within 48 hours of the expiration of the post-Brexit grace period under the UK-EU Trade and Cooperation Agreement, the European Commission has adopted two adequacy decisions addressing the transfers of...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU advocate general's decision in Schrems II, a federal court's ruling that an insurer owed coverage for a social engineering loss, the Chinese...more
The Situation: The European Union's Cybersecurity Act becomes effective on June 27, 2019. The Result: The Act will strengthen the ability of the European Union Agency for Network and Information Security ("ENISA") to help...more
In data 17 maggio 2019 sono stati pubblicati sulla Gazzetta ufficiale dell’Unione Europea il regolamento (UE) 2019/796 (“Regolamento”) e la decisione (PESC) 2019/797 (“Decisione”) del Consiglio Europeo concernenti “misure...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
Ambitious and broad-reaching, the Global Data Protection Regulation is impacting companies around the world. Listen as Partner Harriet Pearson and Head of our Privacy and Cybersecurity practice in Europe Eduardo Ustaran talk...more
Financial Industry Developments - New York Department of Financial Services Promulgates First-in-the-Nation State Cybersecurity Regulation - On February 16, 2017, the New York Department of Financial Institutions...more
Partner Harriet Pearson and Head of our Privacy and Cybersecurity practice in Europe Eduardo Ustaran discuss the Global Data Protection Regulation and what companies need to know now. ...more
Financial Industry Developments - Prohibition on Dealing or Investing in Industrial or Commercial Metals - On January 3, 2017, the Office of the Comptroller of the Currency (the "OCC") finalized a rule that...more
On December 15, 2015, the European Parliament and the Council of the European Union (Council) reached a political agreement on the future EU data protection legal framework. This is a significant step towards adoption of the...more
On March 3, BSA/The Software Alliance, a software industry advocacy group, released the EU Cybersecurity Dashboard: A Path to a Secure European Cyberspace (the “EU Dashboard”), an analysis of data security laws and policies...more