On July 12, 2016, the EU Commission and the U.S. Secretary of Commerce announced the adoption of the EU-U.S. Privacy Shield (Privacy Shield). This announcement follows today's adequacy decision by the College of EU...more
7/13/2016
/ Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
International Data Transfers ,
Model Contracts ,
Ombudsman ,
Schrems I & Schrems II ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
On July 6, 2016, the European Parliament adopted the first-ever pan-European law on cyber security. The law, entitled the "Directive on the Security of Network and Information Systems" (NIS Directive), imposes security...more
Two recent developments have significantly increased the already uncertain legal landscape surrounding transatlantic data flows. Earlier today, the EU Parliament voted out a resolution calling on the European Commission (EU...more
On April 14, 2016, the European Parliament formally adopted the General Data Protection Regulation (GDPR). With this vote, the new EU data protection legal framework will become legally effective in two years and 20 days from...more
On April 13, 2016, the body of European Data Protection Authorities (DPAs)—the "Article 29 Working Party" (WP29)—issued its opinion on the new EU-U.S. Privacy Shield.1 The WP29 acknowledged that progress has been made with...more
With a new year come exciting new developments in the world of privacy and data protection. We are thrilled to announce the launch of the digital version of The WSGR Data Advisor. Please visit our site for the latest news and...more
On February 3, 2016, the body of European data protection regulators—called the "Article 29 Working Party" (WP29)—issued a statement following the announcement of a political agreement regarding a new transatlantic data...more
On February 2, 2016, the European Commission (EU Commission) announced that a political agreement on a new legal framework for data transfers has been reached between the European Union (EU) and the U.S.1 Today's agreement...more
On December 15, 2015, the European Parliament and the Council of the European Union (Council) reached a political agreement on the future EU data protection legal framework. This is a significant step towards adoption of the...more
The last two months certainly have been eventful in the world of privacy. In this issue of The WSGR Data Advisor, we examine the Court of Justice of the European Union’s recent and highly significant Schrems decision that...more
11/20/2015
/ Comcast ,
Cybersecurity ,
EU ,
EU Data Protection Laws ,
Federal Trade Commission (FTC) ,
HIPAA Audits ,
PCI-DSS Standard ,
Schrems I & Schrems II ,
Securities and Exchange Commission (SEC) ,
Security and Privacy Controls ,
Technical Conference ,
US-EU Safe Harbor Framework
On October 16, 2015, the body of European data protection regulators (Article 29 Working Party or WP29) issued a statement on the implementation of the judgement of the Court of Justice of the European Union (CJEU) in...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Model Contracts ,
Popular ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Today, the Court of Justice of the European Union (CJEU), the EU's highest court, issued a groundbreaking decision that invalidates the EU-U.S. Safe Harbor program. Given the widespread reliance on the Safe Harbor framework...more
Today, the Advocate General of the Court of Justice of the European Union (CJEU, the EU's highest court) issued a far-reaching opinion1 that has significant implications for the EU-U.S. Safe Harbor program and data transfers...more
In this issue of The WSGR Data Advisor, we examine the FCC’s recent TCPA declaratory ruling and order addressing issues regarding calling and texting consumers, and discuss the new privacy, data security, and transparency...more
9/11/2015
/ Auto-Dialed Calls ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Declaratory Rulings ,
Department of Health and Human Services (HHS) ,
Drones ,
Electronic Medical Records ,
EU ,
FCC ,
Federal Trade Commission (FTC) ,
New Legislation ,
Online Privacy Protection Act ,
Security and Privacy Controls ,
TCPA ,
Technical Standards ,
Text Messages
In this issue:
- Navigating Public Company Cybersecurity Obligations: Advising Boards and Disclosing to Investors
- FTC Updates School-Related COPPA Guidance
- Status Update on the EU Data Protection...more
7/14/2015
/ Anti-Spam Legislation ,
Barack Obama ,
Board of Directors ,
Canada ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
Federal Trade Commission (FTC) ,
Privacy Laws ,
Public Disclosure ,
Publicly-Traded Companies ,
Risk Assessment ,
Risk Management ,
Sanctions ,
Security and Privacy Controls
On June 15, 2015, the Ministers of Justice of all 28 European Union member states, sitting as the Council of the EU (Council), reached a crucial agreement for the future EU data protection legal framework. Much work still...more
On May 25, 2015, the French data protection authority (CNIL) published its annual inspection program for 2015, unveiling its objectives and priorities for the year. This alert highlights the main priorities of the CNIL for...more
5/29/2015
/ BCRs ,
CNIL ,
Data Collection ,
Data Protection ,
EU ,
France ,
Mobile Payments ,
Popular ,
Privacy Laws ,
Technology ,
Wifi
In this issue:
- Privacy and Data Security in Transactions: What's the Deal?
- Consumer and Financial Institution Class Actions Survive Motions to Dismiss in Target Data Breach Litigation
- California Amends...more
2/24/2015
/ Breach Notification Rule ,
Consumer Financial Protection Bureau (CFPB) ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Protection ,
Financial Institutions ,
Internet ,
Internet of Things ,
Mobile Apps ,
Target
In this issue:
- Proposed California Law Would Impose Data Breach Liability on Retailers and Create More Stringent Data Security Requirements for Businesses
- FTC Continues Its Aggressive FCRA Enforcement and...more
7/30/2014
/ Big Data ,
Breach Notification Rule ,
Data Breach ,
Data Protection ,
Enforcement ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
Fair Credit Reporting Act (FCRA) ,
FCC ,
FTC v Wyndham ,
Privacy Laws ,
Text Messages ,
Texting ,
Wyndham
In this issue:
- Kaiser Foundation Health Plan Settles California Attorney General Charges over Delayed Data Breach Notification
- Status of the EU Regulation and the Safe Harbor Framework
- FTC Steps...more
The Federal Trade Commission (FTC) recently announced settlements with 12 U.S. companies over allegations that the companies falsely claimed they held current certifications for the U.S.-EU Safe Harbor Privacy Framework. The...more
Introduction -
In early October 2013, the body of European data protection regulators (Article 29 Working Party or WP29) issued a working document providing further guidance on obtaining consent in compliance with the...more
Introduction -
On October 21, 2013, the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee) held its long-awaited vote and adopted compromise amendments that would modify the...more
10/24/2013
/ Consent ,
Cookies ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
Extraterritoriality Rules ,
Internet ,
LIBE ,
Notice Requirements ,
Penalties ,
Personally Identifiable Information ,
Right to Delete
The years 2012 and 2013 have been particularly intense for legislators and privacy professionals globally. Many countries have enacted or are in the process of enacting/updating their data protection framework. In that...more
In this issue:
- FTC Issues New Guidance for Disclosures in Online Advertising
- European Regulators Opine on "Purpose Limitation" Principle – What Constitutes "Compatible Use" in the Context of Big Data?...more