Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
NSA and CISA Release Report on “Top Ten” Cybersecurity Misconfigurations; CISA Calls for Software Manufacturers to Implement Best Practices - On October 5, 2023, the United States National Security Agency (NSA) and...more
ust over a year ago, on 21 April 2022, the seven economies (Canada, Japan, the Republic of Korea, the Philippines, Singapore, Taiwan, and the USA) participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border...more
We’re now approaching the five-year anniversary of the General Data Protection Regulation (GDPR) taking full effect. In the run-up to 2018 and the period afterwards, there were many predictions about the likely direction of...more
FBI Seizes Hive Ransomware Servers—Blocks US$130 Million in Demanded Ransoms - On January 26, Attorney General Merrick Garland announced that the Department of Justice dismantled the “Hive” ransomware group, which had...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
US and EU Life Sciences Law firms Fieldfisher & Gardner Law recently held a CLE event in Silicon Valley covering Healthcare Compliance, Data Privacy and Regulatory hot topics for MedTech and Pharma companies. Discussion...more
U.S. Government Releases Guide of ‘Minimum Baseline’ Cybersecurity Practices for Protecting Critical Infrastructure - The Cybersecurity & Infrastructure Security Agency (“CISA”) has released a guide to help organizations...more
Jonathan Armstrong and I return for another episode of the award-winning Life with GDPR and discuss the recent fine by the Irish Data Protection Commission levied against Meta €405 million for Instagram Data Protection...more
Keypoint: The CPA draft rules are a complex and lengthy set of regulations that, if adopted without substantial modification, will significantly expand the CPA’s requirements and require controllers to carefully consider...more
On 12 July 2022, the European Data Protection Board (EDPB) adopted Statement 02/2022 on Personal Data Transfers to the Russian Federation, in which it confirmed that data transfers to Russia require a data transfer impact...more
The French Data Protection Authority (CNIL) has released a Q&A providing its position, possible alternative solutions as well as guidance on using a compliant audience measurement solution. It follows a set of formal notices...more
Clearview AI Settles Biometric Data Privacy Suit with ACLU - On May 9, 2022, Clearview AI, Inc. (“Clearview”) and the American Civil Liberties Union (“ACLU”) announced an agreement to settle a lawsuit involving Clearview...more
The European Union (EU) and United States have reached a “deal in principle” to establish a new Trans-Atlantic Data Privacy Framework (Framework), which is meant to foster the exchange of data between the EU and U.S. This new...more
The U.S. and many other nations recently imposed unprecedented sanctions on Russia in response to Russia’s military action in Ukraine. More details about some of these sanctions can be found in Dechert’s related OnPoint...more
To close out 2021, the European Data Protection Board (EDPB) adopted additional General Data Protection Regulation (GDPR) data breach notification guidelines in Guidelines 01/2021 on Examples regarding Personal Data Breach...more
United Kingdom New Standard Contractual Clauses Submitted to Parliament - The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
On 19 January 2022, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place earlier this week. The EDPB adopted new guidelines that provide guidance on various aspects of data...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
On Monday, 3 January 2022, the European Data Protection Board (“EDPB”) published the finalized version of its regulatory guidance entitled “Examples regarding Personal Data Breach Notification” (the “Guidelines”), following a...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
EDPB Issues Draft Guidance on International Data Transfers - On November 18, 2021, the European Data Protection Board (“EDPB”) published draft guidance on the interaction between the GDPR’s transfer provisions set out in...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. The rapid pace at which technology and data privacy and security...more
On 19 October 2021, the European Data Protection Board (EDPB) announced that it has published its final guidelines on the restrictions under Article 23 GDPR (Guidelines) following the end of its public consultation and...more
We are delighted to introduce Dechert Cyber Bits, brought to you by members of our top-ranked, global Privacy & Cybersecurity practice. Cyber Bits is a bi-weekly publication that will provide a short summary of key...more