Compliance with the New EU-US Data Privacy Framework
Privacy pros are passionate about doing good work, in every sense of the word. Yes, we care about managing privacy as thoroughly and efficiently as possible (and not getting fined). But we are all in this line of work for a...more
The Israeli Privacy Protection Authority (PPA) has issued a new statement introducing a significant change in the interpretation of the law and in the required methods for obtaining consent to the collection and processing of...more
President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt...more
The Swiss Federal Council has added the U.S. to the list of countries with an adequate level of data protection. Effective September 15, 2024, U.S. organizations that certify to the Swiss–U.S. Data Privacy Framework (DPF) can...more
A new report issued in May 2024 by the Centre for European Policy Studies (CEPS), an independent thinktank, is the latest installment to cast concerns over the EU-U.S. Data Privacy Framework (DPF), predicting that it will...more
U.S. Senate and House committee chairs took a decisive step toward enacting national data privacy legislation with the release (in draft) of the American Privacy Rights Act (APRA) on March 31. Sen. Maria Cantwell, D-Wash.,...more
During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
Welcome to the July – September 2023 issue of our Irish Quarterly Legal and Regulatory Developments report for asset management and investment funds. This report covers key dates and developments during the quarter, such...more
On 12 October the UK–U.S. “data bridge” becomes operational, providing an additional, compliant route for UK-outbound transfers of personal data to U.S. organisations that are EU-U.S. Data Privacy Framework members. UK...more
Beginning today, the UK adequacy decision for US data protection measures goes into effect. As a result, UK companies can transfer personal information to entities in the US that are participants in the EU-US Data Privacy...more
The UK government has published the Data Protection (Adequacy) (United States of America) Regulations 2023 (SI 2023/1028) (the UK-US Data Bridge Regulations) which adopted an adequacy decision for the US (the UK-US Data...more
The UK-US data bridge is the UK Government’s preferred terminology to describe its decision to permit the flow of personal data from the UK to the US, achieved through the UK Extension to the EU-US Data Privacy Framework. The...more
With data privacy landscapes changing around the globe, how can organizations handle cross-border deals while still remaining compliant? This has been a burning question over recent years....more
On 11 July 2023, the Department of Commerce’s International Trade Administration (ITA) published an operational update (Update) on implementation of the EU-U.S. Data Privacy Framework (DPF). Significant takeaways for Privacy...more
On March 28, Iowa Governor Kim Reynolds signed into law an Iowa consumer privacy act (SF 262), making the state the sixth to adopt what is generally considered a comprehensive consumer privacy law. The law takes effect on...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
...This session, led by industry-acknowledged experts in areas ranging from data protection and privacy to data transfer and legal discovery, provided a professional forum for the explanation of the best approaches,...more
On Friday, March 25, President Biden and European Commission President Ursula von der Leyen announced a new agreement in principle for trans-Atlantic data flows. Although details about the new Trans-Atlantic Data Privacy...more
Over the span of five months in 2021, our team published a series of articles on how to implement the five core functions of the National Institute of Standards and Technology (NIST) Privacy Framework. We wrote an initial...more
This is the final installment in a series of articles on the core functions of the National Institute of Standards and Technology (NIST) Privacy Framework where we cover the Protect function. As previously published in an...more
In this fourth installment of five articles centered around the core functions within the National Institute of Standards and Technology (NIST) Privacy Framework, we cover the Communicate function and the corresponding...more
As data protection and privacy become a higher corporate priority, compliance and risk professionals would be wise to leverage frameworks in their privacy programs. A compliance framework is a structured set of guidelines to...more