No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Life With GDPR - Data Transfer Update
Life with GDPR - Data Transfers from EU/UK to US
Everything Compliance - The Elon Etc Edition
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
White-collar crimes present investigators with intricate challenges that require precision, expertise, and advanced technology. In today’s high-profile investigations, the stakes couldn’t be higher, with reputations,...more
As 2025 progresses, one thing is clear—GDPR enforcement is not slowing down. In fact, regulators across Europe are intensifying their scrutiny, handing out significant fines and even warning executives of potential personal...more
The new Data (Use and Access) Bill is making its way through the parliamentary process, and is expected to be passed in the first half of 2025. The Bill proposes to amend the UK data privacy regime to make it easier for...more
The final rule establishes prohibitions and restrictions on the transfer of certain data due to national security risks from specified countries of concern....more
On Friday, December 27, 2024, the Justice Department issued a final rule to address “urgent national security risks posed by access to U.S. sensitive personal and government-related data from countries of concern and covered...more
The Federal Trade Commission recently settled complaints against two data brokers over their handling of consumers’ sensitive location information. The agency alleged that such practices constitute unfair practices. Under the...more
In 2023, NASA achieved a massive leap in data transmission — 200 gigabits per second using laser technology from space! Optical communications are rapidly transforming how we share data....more
In the ever-evolving landscape of data protection and privacy, the General Data Protection Regulation (GDPR) stands as the most significant legislative framework for processing personal data. Known for its extraterritorial...more
President Joe Biden issued Executive Order (EO) 14117 in February 2024 to mitigate national security risks posed by threat countries’ access to sensitive personal data and government-related data. The EO directed the U.S....more
On October 29, 2024, the Department of Justice (“DOJ”) published its Notice of Proposed Rulemaking (“NPRM”) to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data...more
Proposed rule would create new prohibitions on transactions of sensitive personal data and government-related data - The Department of Justice (DOJ) has proposed a new rule aimed at preventing access of China and other...more
The Second Circuit’s decision in Salazar v. NBA, No. 23-1147 (2d Cir. Oct. 15, 2024) creates significant risk for companies that offer videos for viewing on their websites and significantly expands potential liability under...more
For most employees, it is relatively easy to send information from the employer’s network to a private digital environment, such as personal e-mail or cloud storage....more
Business Email Compromise (BEC) has become a significant threat to organizations of all sizes, often resulting in hefty financial losses, operational disruptions, and reputational damage. Learn from HaystackID’s seasoned...more
As part of the latest developments regarding the personal data protection regulations in the Kingdom of Saudi Arabia ("KSA"), the Saudi Data and Artificial Intelligence Authority ("SDAIA") issued the Regulation on Personal...more
The EU Data Act is one of the cornerstones of the EU's Data Strategy and introduces a new and horizontal set of rules on data access and use to boost the EU's data economy. Most of the provisions of the Data Act will become...more
Effective September 22, 2024, Quebec's data portability right will come into force, marking the final phase of the implementation of the amendments to the Act respecting the protection of personal information in the private...more
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) has issued a €290 million fine to Uber for violating the EU’s General Data Protection Regulation (GDPR)....more
Last month, the European Data Protection Board – which is composed of the national data protection authorities (‘Supervisory Authorities’) of the countries in the European Economic Area (‘EEA’), as well as the European Data...more
The Swiss Federal Council has added the U.S. to the list of countries with an adequate level of data protection. Effective September 15, 2024, U.S. organizations that certify to the Swiss–U.S. Data Privacy Framework (DPF) can...more
Whether for social media advertisements, customer surveys, or email campaigns, a data licensing agreement is often at the center of arrangements concerning the use and transfer of consumer data. Join us for our September...more
Providers and payers contracting with Arizona’s Medicaid agency, the Arizona Health Care Cost Containment System (“AHCCCS”), and all such AHCCCS contractors’ subcontracts must reference and require compliance with the AHCCCS...more
Maretta Morovitz is the Engage Lead at MITRE, where she simplifies the planning of adversary engagement for cyber defenders. Maretta likens her cyber defense work to the movie Home Alone, setting a series of traps for the...more
Quick Hits Schrems II Recap Most people are now familiar with the Schrems II requirements to “know your transfers” and to protect personal data when such information is subject to processing (including remote access to...more
A new report issued in May 2024 by the Centre for European Policy Studies (CEPS), an independent thinktank, is the latest installment to cast concerns over the EU-U.S. Data Privacy Framework (DPF), predicting that it will...more