No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Life With GDPR - Data Transfer Update
Life with GDPR - Data Transfers from EU/UK to US
Everything Compliance - The Elon Etc Edition
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Quick Hits Schrems II Recap Most people are now familiar with the Schrems II requirements to “know your transfers” and to protect personal data when such information is subject to processing (including remote access to...more
In addition to its well-publicized move to prohibit more than 150 million Americans from posting embarrassing dance videos of themselves on TikTok (at least while it is Chinese-owned), the U.S. federal government recently...more
A data controller that is not a critical information infrastructure operator that cumulatively exports personal information (excluding any sensitive personal information) of less than 100,000 individuals since January 1 of...more
On March 5, 2024, the Department of Justice (DOJ) issued an Advance Notice of Proposed Rulemaking (ANPRM) regarding Access to Americans’ Bulk Sensitive Personal Data and Government-Related Data by Countries of Concern. The...more
NSA and CISA Release Report on “Top Ten” Cybersecurity Misconfigurations; CISA Calls for Software Manufacturers to Implement Best Practices - On October 5, 2023, the United States National Security Agency (NSA) and...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
Updated June 2023 - The BCLP Data Privacy & Security team is tracking EU law developments relevant to data and cyber security. This tracker summarizes the effect and status of the following: the Digital Services Act, the...more
In an era where our lives are ever more intertwined with technology, the security of digital platforms is a matter of national concern. A recent large-scale cyberattack affecting several U.S. federal agencies and numerous...more
In this episode, Jonathan Armstrong, a renowned expert in cyber security, and I delve into the hot-button issue of data transfers from the EU to the US. With potential new rulings looming, the replacement for privacy shield...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
Keypoint: Businesses subject to the CCPA will need to revise their compliance programs before the exemptions expire on January 1, 2023. As previously reported, the California legislature had been considering multiple bills...more
...This session, led by industry-acknowledged experts in areas ranging from data protection and privacy to data transfer and legal discovery, provided a professional forum for the explanation of the best approaches,...more
Key Wireless Deadlines- SEC Requests Comment on Cybersecurity Reporting Requirements: The Securities and Exchange Commission (SEC) is proposing rules to enhance and standardize disclosures regarding cybersecurity risk...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
On Oct. 29, 2021, the Cyberspace Administration of China (CAC) published the “Draft Measures on Security Assessment of Cross-Border Data Transfer” (Draft Measures) for comment through Nov. 28. The Draft Measures follow and...more
The Cyberspace Administration of China (“CAC”) on October 29, 2021 published the draft Measures on Security Assessment of Cross-Border Data Transfer (“Draft Measures”) for comment through November 28, 2021. The Draft Measures...more
Ransomware and other cybersecurity attacks have made national headlines during the past 12 months, and public pension systems are as susceptible to these attacks as any other organization. In this episode of Public Pensions &...more
Keypoint: China’s Personal Information Protection Law is a complicated regulatory regime that will require U.S. entities subject to its requirements to undertake substantial compliance efforts. Effective November 1, 2021,...more
On June 10, 2021, the National People’s Congress of the People’s Republic of China (PRC) approved the passage of the Data Security Law (DSL), which will take effect on Sept. 1, 2021. Overview - Unlike the PRC’s Cybersecurity...more
Industry's Annual Forum on MEU and MIEU Rules, New Legislation, Data Transfers and Emerging Technology Rules - ACI’s 3rd Virtual U.S.-China Trade Controls Conference will take place September 20, 2021, in a virtual format....more
China is continuing to move forward with its first comprehensive privacy law. China recently issued a second version of the draft Personal Information Protection Law (Draft PIPL) which will be open for public comments until...more
On Friday, March 26, 2021, over 180 attendees worldwide attended McKinsey & Company’s first Global HealthTech CEO Connect of 2021. The discussion focused on regulatory and legal considerations for software as a medical device...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
On 22 January 2021, the Digital Senior Officials’ meeting of the Association of Southeast Asian Nations (ASEAN) approved model contractual clauses for cross-border data flows (ASEAN Model Clauses) and related guidance on...more