When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
If you have been doing business with entities in the European Union, chances are that you have struggled to figure out how to transfer data from the EU to the US without running afoul of the General Data Protection Regulation...more
If your business transfers data from the European Union to the United States, you’ve likely been keeping an eye on the EU-U.S. Data Privacy Framework (EU-U.S. DPF) for the past several years. The long-awaited adequacy...more
With data privacy landscapes changing around the globe, how can organizations handle cross-border deals while still remaining compliant? This has been a burning question over recent years....more
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concluded that the United States does ensure an adequate level of protection for transferring...more
On 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (the DPF). With immediate effect, the adequacy decision provides a new lawful basis for transfers from...more
On July 10, 2023, the European Commission adopted its much-anticipated adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concludes that the US ensures an adequate level of protection—comparable to...more
Key Point: The European Commission has adopted an adequacy decision for the EU-U.S. Data Privacy Framework, which allows certain businesses to transfer data from the EU to the U.S. without the need for additional transfer...more
The United States ("U.S.") and the European Commission ("EU Commission") recently announced an “agreement in principle” to develop a new Trans-Atlantic Data Privacy Framework (“Framework”). The Framework is intended to...more
U.S. companies will face restrictions on transferring and storing information about European residents after the European Court of Justice ruled that such transfers exposed Europeans to American government surveillance...more
Businesses are now prohibited from transferring employee personal data from the European Economic Area (EEA) to the U.S. under the EU-U.S. Privacy Shield program. The Court of Justice of the European Union (CJEU) declared the...more
The European Data Protection Board (EDPB) has issued its much anticipated FAQs on the Court of Justice of the European Union's (CJEU) Schrems II decision. This document does not yet contain the "supplementary measures" that...more
There is a lot currently happening in the European Union. From the latest European Court opinions with respect to merger clearance, dominance violations, data protection and state aid to Brexit, we’re checking in with our...more
The Court of Justice of the European Union just ruled that an important data protection scheme established between the European Union and the United States is invalid, calling into question many aspects of important data...more
The Court of Justice for the European Union (CJEU) on July 16, 2020, invalidated the EU-U.S. Privacy Shield as an approved mechanism for transferring personal data from the European Union to the United States. This decision...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield, ruling, among other things, that U.S. domestic law...more
We reported in July 2019 that the Court of Justice of the European Union (CJEU) heard a case brought by privacy-rights activist Max Schrems, challenging the validity of Standard Contractual Clauses (SCCs), which are widely...more
Three years ago, the European Court of Justice killed the US-EU Safe Harbor Program. In the wake of the decision, American and EU negotiators developed the “Privacy Shield” program to facilitate cross-Atlantic data transfers....more
On June 12, 2018, following its extraordinary meeting the day before in Strasbourg, the European Parliament’s Civil Liberties, Justice and Home Affairs Committee (“LIBE”) called on the European Commission (“Commission”) to...more
The Prime Minister has given the clearest indication yet of what the UK will seek in the Brexit negotiations. Access to each side’s markets is going to be less than it is today. ...more
In case you had not heard, the European Union is replacing its current privacy laws with a new, comprehensive General Data Protection Regulation (GDPR), which takes effect May 25, 2018. The essential principles of the EU’s...more
On November 28, 2017, the statutorily-appointed independent EU advisory body known as the Article 29 Working Party (“WP29”) released its report following the First Annual Joint Review on the EU-U.S. Privacy Shield (“Privacy...more
In reviewing the first year of implementation of the European Union-United States Privacy Shield, the Commission to the European Parliament and the Council declared it “adequate.”...more
On October 18, 2017, the EU Commission released its report of the first annual review of the EU-U.S. Privacy Shield framework. The Privacy Shield is the successor of the Safe Harbor Agreement which was invalidated by the...more
European Union (“EU”) Commissioner Vera Jourová will meet with U.S. President Donald Trump this month to discuss the future of the EU-U.S. Privacy Shield (“Privacy Shield”) accord which imposes obligations on U.S. companies...more
US companies with employees or clients in Switzerland will be interested to hear that the new Swiss-US Privacy Shield was approved on 11 January. Although Switzerland is not a member of the European Union, its data...more