News & Analysis as of

Cybersecurity Data Controller General Data Protection Regulation (GDPR)

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
A&O Shearman

English Court reviews the ICOs first GDPR fine (again)

A&O Shearman on

In December 2019, the UK Information Commissioner’s Office (ICO) imposed a fine of £275,000 on Doorstep Dispensaree Limited (DDL) for multiple contraventions of the GDPR. On December 9 2024, five years on and three judgments...more

Alston & Bird

EDPB Adopts Opinion on the Use of Processors and Sub-processors

Alston & Bird on

On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised...more

Morgan Lewis - Tech & Sourcing

GDPR: When Can Data Controllers Rely on 'Legitimate Interests' for Data Processing? New Guidelines from the EDPB

Morgan Lewis - Tech & Sourcing on

The European Data Protection Board (EDPB), the umbrella group of the EU’s data protection authorities, has issued new Guidelines 01/2024 of October 9, 2024 on the processing of personal data based on the legitimate interest...more

Wilson Sonsini Goodrich & Rosati

Cybersecurity: A Critical Element in Your 2025 Business Forecast

Wilson Sonsini Goodrich & Rosati on

As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation,...more

Constangy, Brooks, Smith & Prophete, LLP

Legislative Update: Swiss Data Protection Act took effect September 1

Constangy, Brooks, Smith & Prophete, LLP on

The new Swiss Federal Act on Data Protection, known by the acronym “nFADP,” took effect on September 1. The law was enacted by the Swiss parliament in 2020. The law introduces new rights for Swiss citizens, but also...more

Osano

GDPR Compliance Checklist: 8 Steps You Need to Complete

Osano on

GDPR compliance can be tricky. Even if you summon the willpower to read through the law’s text, it can be tough to know where to start. As an alternative to pouring through the GDPR’s legalese, one way to establish a...more

Brownstein Hyatt Farber Schreck

U.S. Companies Now Have a Framework for EU-U.S. Personal Data Transfers

Brownstein Hyatt Farber Schreck on

In a significant milestone for EU-U.S. cross-border transfers of personal data under Article 45 of the General Data Protection Regulation (GDPR), the European Commission adopted an adequacy decision for the new EU-U.S. Data...more

A&O Shearman

Pakistan – MITT releases final draft of the personal data protection bill

A&O Shearman on

The Pakistan Ministry of Information Technology and Telecommunication (MITT) released a new draft of the Personal Data Protection Bill, 2023 (the PDPB) on 19 May 2023. The PDPB aims to regulate the collection, processing,...more

Faegre Drinker Biddle & Reath LLP

Meta Fines Expose EU Regulators’ Differences and Highlight Fundamental Issues for Data Controllers

Faegre Drinker Biddle & Reath LLP on

Meta Ireland (Meta) has recently been issued with two fines by the Irish Data Protection Commission (DPC) for breaches of the EU General Data Protection Regulation (GDPR) relating to advertisements run on its Facebook and...more

Hogan Lovells

Clinical trials in Spain: Takeaways from the new code of conduct (Part 1)

Hogan Lovells on

Last week we raised our hands to inform you about the Spanish Data Protection Authority’s approval of the "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well...more

Dechert LLP

Belgian DPA Fines IAB: Rough Waters Ahead for Ad Industry

Dechert LLP on

On February 2, 2022, the Belgian Data Protection Authority (“DPA”) issued a decision finding that the Interactive Advertising Bureau ("IAB”) Europe’s Transparency and Consent Framework (“TCF”) violates key provisions of the...more

Cooley LLP

‘Controller,’ ‘Processor’ and ‘Transfer’: Some GDPR Concepts Re-Explained

Cooley LLP on

Happy Data Privacy Day! Many companies are still struggling with some basic concepts of the General Data Protection Regulation, such as “controller,” “processor” and “transfer” of personal data. The European Data Protection...more

A&O Shearman

Data: A new direction?

A&O Shearman on

As the UK looks to find a new and post-Brexit direction, the UK Government is setting its agenda for developments in regulation, particularly when it comes to technology, data and innovation. We have seen the recent...more

Morgan Lewis

Personal Information Protection Law: China’s GDPR Is Coming

Morgan Lewis on

China’s long-awaited Personal Information Protection Law (PIPL), after two rounds of draft versions, was finally passed by the Standing Committee of the National People's Congress on August 20, 2021, with the law effective...more

Knobbe Martens

European Commission Refreshes Standard Contractual Clauses

Knobbe Martens on

The European Commission (“EC”) has long sought to improve data privacy for Europeans, even when they interact with global or non-European companies.  Laws like the General Data Protection Regulation (or “GDPR”) seek to...more

Kramer Levin Naftalis & Frankel LLP

European Commission Adopts New Standard Contractual Clauses for Data Transfers

Kramer Levin Naftalis & Frankel LLP on

On June 4, the European Commission (EC) adopted two sets of standard contractual clauses (SCCs) for use between controllers and processers in the European Economic Area (EEA) and for the transfer of data between EEA and...more

Mintz - Privacy & Cybersecurity Viewpoints

European Commission Adopts New Service Providers Standard Agreement (Controller-Processor SCCs)

Mintz - Privacy & Cybersecurity Viewpoints on

The new standard agreement for service providers (which we’ll refer to as the Controller-Processor SCCs) adopted by the European Commission on June 4th was understandably a bit overshadowed by the release on the same date of...more

Wyrick Robbins Yates & Ponton LLP

The EU Commission’s New SCCs for International Transfers: Top 5 Immediate Takeaways

Wyrick Robbins Yates & Ponton LLP on

Ending months of anxious speculation from privacy lawyers around the globe, the European Commission announced on Friday that it had adopted final versions of the new Standard Contractual Clauses (the “New SCCs”) for the...more

Hogan Lovells

Compatibility test: Can I process lawfully collected personal data for a new purpose?

Hogan Lovells on

When launching a project that involves processing of personal data, previously collected for a different purpose, what are the requirements? Companies usually focus on the legal basis of processing and information duties, but...more

BakerHostetler

New EDPB Draft Guidance Provides Practical Scenarios for Data Breach Notification Analysis Under the GDPR

BakerHostetler on

In certain cases, the General Data Protection Regulation (GDPR) requires entities that experience a personal data breach to provide notice of the incident to relevant national supervisory authorities and the individuals whose...more

Goodwin

Nowhere To Hide: Controllers have “Constructive Awareness” Of Processor Data Breaches

Goodwin on

On December 15, 2020, Ireland’s Data Protection Commission (“DPC”) announced its decision to fine Twitter International Company (“Twitter”) €450,000 for failing to notify the DPC promptly of a data breach affecting EU...more

Dechert LLP

New ICO Guidance on Subject Access Requests

Dechert LLP on

The Information Commissioner’s Office (ICO), the UK’s data protection authority, has recently published updated guidance on an individual’s right to access their personal data. This OnPoint considers the key issues arising...more

Akin Gump Strauss Hauer & Feld LLP

New DIFC Data Protection Law in Force - What You Need to Know

Akin Gump Strauss Hauer & Feld LLP on

On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more

Hogan Lovells

Nueva guía del Comité Europeo de Protección de Datos sobre (co)responsable y encargado bajo el RGPD

Hogan Lovells on

Aunque los conceptos de responsable y encargado del tratamiento han sido ampliamente estudiados y analizados en el pasado, el Comité Europeo de Protección de Datos ha publicado recientemente una guía en la que, además de...more

Akin Gump Strauss Hauer & Feld LLP

European Data Protection Board Forms Two New Taskforces to Address Schrems II Aftermath

Akin Gump Strauss Hauer & Feld LLP on

On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more

90 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide