The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
Digital Planning Podcast - Interview With Leeza Garber
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Safeguards against Data Security Breaches (Part One)
Organizations often struggle with privacy in a regulatory landscape that can change at any point. However, the risk of data breaches is always rising, and awareness of privacy rights is growing. As a result, maintaining the...more
Businesses increasingly rely on technology containing Artificial Intelligence (AI) to streamline operations, enhance employee experiences and drive strategic decision-making. The integration of AI into work systems, including...more
Keypoint: In the wake of Schrems II, the EDPB’s much-anticipated recommendations provide extensive guidance on supplementary measures parties can use to legally transfer data out of the EEA in the absence of an adequacy...more
The data protection authority of the German state of Baden-Wurttemberg issued a guidance for European Union data exporters in the wake of the Schrems II decision by the Court of Justice of the European Union (CJEU), which...more
Per the German DSK (the Conference of Independent German Federal and State Data Protection Supervisory Authorities), emails need to be encrypted in order to meet the minimum requirements of Article 32 of the General Data...more
In some cases yes, and in other cases no. The CCPA defines “personal information” as information that, among other things, “is capable of being associated with” a particular consumer....more
As businesses continue to digitise their assets and operations, the need to continually assess IT infrastructure and the technical measures in place to safeguard key information assets and data becomes ever more important....more
Going Deep on the California Consumer Privacy Act - The California Consumer Privacy Act (CCPA) has been called the beginning of America’s GDPR. As the most comprehensive privacy law in the United States, entities doing...more
The UK Information Commissioner’s Office recently released helpful encryption guidance. Although released to address the GDPR security requirements, this document may be helpful more broadly because of the detail around...more
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures....more
In the first fine issued by a German data protection authority under the European General Data Protection Regulation (“GDPR”), on 21 November 2018 the authority of the German state of Baden-Württemberg (“LfDI”) imposed a fine...more
On July 23, 2018, Denmark’s data protection agency announced that companies must encrypt all emails transmitting sensitive personal data. This new rule goes into effect January 1, 2019, giving companies that do business in or...more
Overview (10. – 6.) - 10. The European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. It applies to the processing of “personal data” of EU citizens and residents (a/k/a “data...more
There is much for authorised firms to consider in the year ahead. Firms have been through the intensive period of the enactment of the second Markets in Financial Instruments Directive (MiFID II), but must now step up their...more
As 2017 comes to a close and companies look to planning initiatives for 2018, there is one date that should be front and center for privacy professionals: May 25, 2018. That is the date that the EU’s General Data Protection...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Commission's annual review of the Privacy Shield, a potential threat to the European Union's "standard contractual clauses," a push by...more
What is the problem? Belgian researchers have published information about a vulnerability in the most popular WiFi encryption protocol that makes monitoring of all communications possible, except those communications that...more
The EU Parliament Committee in charge of reviewing the EU Commission's Proposal for an e-Privacy Regulation (Proposal) released a Draft Report proposing amendments this week....more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more
Editor's Note: In the world of cyber law, privacy and cybersecurity, one of the largest and most colorful figures is Stewart Baker, whose resume includes a stint as General Counsel at the National Security Agency and...more
Carrie, A couple of weeks ago, you wrote me about an employee who will be engaging in a six-month temporary assignment around Europe to scope market opportunities. The employee was Abbie Absent-Minded. Well, we hit a...more
In this edition of our Privacy & Cybersecurity Update, we examine changes to EU privacy and data protection laws, new state laws addressing data breach notifications, Congress' review of cyber insurance, and recent court...more
Friend a Bot on Facebook? Messenger Launches Business Chatbots - At Facebook’s annual developers conference F8 this week, Facebook confirmed that Messenger will allow brands and companies to build bots that interact...more
As one might expect, the Paris attacks have provided to EU member states and politicians the opportunity to strengthen the legal means of surveillance available to intelligence services and enforcement authorities. Will this...more