Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more
Artificial Intelligence (“AI”) Is A Complicated Technology Developed With Data. This Saddles AI It With A Host Of Potential Privacy Regulations, Including Europe’s Data Protection Law, The General Data Protection Regulation...more
A year ago, on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into force. With its extraterritorial scope and detailed requirements, the GDPR aimed to change the approach to personal data...more
At the beginning of this month, more than 4,000 privacy professionals from around the globe gathered in Washington, D.C. for the International Association of Privacy Professionals’ Global Privacy Summit 2019....more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more
Unfortunately, no industry or business is immune from data security events. Nearly every business collects some form of personal information, whether it involves your employees, customers, vendors, or all of the above....more
The EU General Data Protection Regulation (GDPR) did NOT make all processing of personal data unlawful, though it seems than many think this, says Michael Kaiser, data protection officer at the Hesse Data Protection Authority...more
Companies face substantial challenges in complying with breach notification requirements under Article 33 of the General Data Protection Regulation (GDPR). Article 33 requires a data controller to report a personal data...more
The General Data Protection Regulation (GDPR) significantly expanded the territorial scope of EU data protection law. This was intended to ensure comprehensive protection for EU data subjects’ rights and establish a level...more
Six months have now passed since the implementation of the EU General Data Protection Regulation (GDPR). The GDPR has raised awareness of the importance of personal privacy as a fundamental right and placed data protection...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Data Protection Board's published opinions on data protection impact assessments, an Ohio court's ruling that bitcoin is covered insured...more
After its implementation in May 2018, the European Union General Data Protection Regulation (GDPR) continues to dominate headlines in many industries, including technology. On September 25, 2018, Facebook discovered a...more
On 4 September, the Legislative Decree no. 101 of 10 August 2018 (the “Decree”) for the national implementation of General Data Protection Regulation (EU) 2016/679 (the “GDPR”) has been published in the Official Journal. ...more
More than 15 years after the adoption of the Data Protection Directive, the European Commission noticed that the current legislative framework on data protection did not adequately deal with the risks associated with online...more
If you have ever made an online purchase, chances are that you have received at least one email in the last month notifying you that a company’s privacy policy has changed. ...more
At Mitratech, I work in the division of the company that develops solutions in the areas of governance, risk, and compliance (GRC). At first blush to an outsider, this may not sound very exciting and might even sound somewhat...more
JONES DAY CYBERSECURITY, PRIVACY & DATA PROTECTION ATTORNEY SPOTLIGHT: Richard Martinez - Europe's new General Data Protection Regulation ("GDPR") is driving an evolution in corporate privacy practices globally. As...more
The new General Data Protection Regulation (GDPR), which came into effect May 25, 2018, arguably applies to all companies that collect and process data belonging to European Union (EU) citizens. The GDPR claims...more
Just days after the European Union’s widely-discussed new data privacy regulations, the General Data Protection Regulation (“GDPR”), took effect on May 25, 2018, another EU-wide legal change quietly occurred. ...more
This article is Part 4 of our series on the GDPR for U.S.-based companies. Part 1 assisted U.S.-based companies in determining whether the GDPR applies to them; Part 2 provided an overview of the GDPR’s key concepts and...more
Key Recent Developments: - GDPR Goes Live in the EU with Global Reach and Tough New Data Breach Notification Requirement. Arizona and Other U.S. States Toughen Data Breach Notification Laws Amidst Escalating Cyber...more
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) took effect. Although EU laws typically don’t have a worldwide impact, the GDPR will impact business across the globe. The GDPR has an extremely...more
As cybersecurity incidents affecting Target, Home Depot, Anthem, Sony, Ashley Madison, and many other companies have demonstrated, cybersecurity poses a significant legal risk to companies. ...more
The European Union (EU) General Data Protection Regulation (GDPR) comes into effect on May 25, 2018, so in less than 60 days. While many companies have been working to ensure compliance with respect to their customer and...more