Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Following their recent meeting in Finland, the EU Data Protection Authorities acting through the European Data Protection Board (EDPB) announced their intention to release new tools and ran EU-wide data breach notification...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
Valuable insights into the measures European regulators expect businesses to take to protect data privacy can be found in a report from the European Data Protection Board (EDPB) summarizing decisions under the EU’s General...more
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
The European Data Protection Board (EDPB) held its 77th plenary meeting on 28 March 2023. The EDPB considered the following key topics...more
Last week, the European Data Protection Board ("EDPB") published a long-awaited update of its guidance on breach notification—which did not contain much news generally. However, it does bring a significant new burden for...more
On October 18, 2022, the European Data Protection Board (“EDPB”) published a proposed updated version of its regulatory guidance on personal data breaches under the EU GDPR (the “Proposed Updated Guidance”). The Proposed...more
On May 12, 2022, the European Data Protection Board (EDPB) published its long-awaited Guidelines 04/2022 on the calculation of fines under the General Data Protection Regulation (GDPR). After many data protection authorities...more
On May 16, 2022, the European Data Protection Board (‘EDPB’) published draft regulatory guidelines (‘draft guidance’) on the calculation of administrative fines for infringements of the EU General Data Protection Regulation...more
Following a public consultation on an initial version released last January, the European Data Protection Board (“EDPB”) last month adopted a final version of its Guidelines on Examples regarding Personal Data Breach...more
FTC Warns Companies to Remediate Log4j Security Vulnerability - Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
In this month’s Privacy & Cybersecurity Update, we examine the FBI’s warning to companies regarding cyberattacks targeting confidential M&A activity, as well as the Cybersecurity and Infrastructure Security Agency’s directive...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
In our four-part blog series on Schrems II and its impacts, we have already given the state of data transfers in light of the Schrems II decision as well as some practical tips on how to conduct a risk assessment. In sum, the...more
In certain cases, the General Data Protection Regulation (GDPR) requires entities that experience a personal data breach to provide notice of the incident to relevant national supervisory authorities and the individuals whose...more
Many supervisory authorities across Europe have reported increasing numbers of data breach notifications since the introduction of GDPR. While most companies are now familiar with the 72-hour reporting obligation for...more
In honor of Data Privacy Day, we provide the following “Top 10 for 2021.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2021...more
United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions - A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
Much has happened since the European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Many EU countries have enacted national legislation to implement and expand the requirements of the...more
The General Data Protection Regulation (GDPR) significantly expanded the territorial scope of EU data protection law. This was intended to ensure comprehensive protection for EU data subjects’ rights and establish a level...more
Since the General Data Protection Regulation (“GDPR”) took effect on May 25, 2018, US companies without facilities or employees in Europe have struggled to understand the extraterritorial scope of the GDPR....more