Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
Editor’s Note: Europe’s regulatory landscape has undergone a fundamental transformation, extending far beyond GDPR’s foundational framework to encompass a complex ecosystem of interconnected laws governing digital platforms,...more
The Belgian Data Protection Authority recently ruled that a Belgian government entity, FPS Finance, cannot transfer the personal data of “accidental Americans” to the IRS. According to the decision, the transfers needed to...more
Parties that have possession, custody, or control of evidence potentially relevant to U.S. litigation or investigations are typically required to identify, collect, preserve, and produce such evidence (with limited...more
Hong Kong has seen cryptocurrencies grow in popularity, highlighting the need for appropriate licensing regimes (implemented in the form of virtual asset service providers (VASPs)), bolstered by active enforcement actions. ...more
Ever-Expanding BIPA Damages: Illinois Supreme Court Holds Each Collection or Dissemination of Biometric Data Constitutes a Separate Violation of BIPA - In an eagerly-awaited decision in Cothron v. White Castle System,...more
On February 24, 2023, the European Commission (EC) opened a public consultation on its initiative (Initiative) to revise procedural rules relating to the enforcement of the EU General Data Protection Regulation (GDPR). The EC...more
Background Note: International discovery exercises and investigations can be a complex and challenging process for cybersecurity, information governance, and eDiscovery professionals. Navigating the different laws and...more
The European Data Protection Supervisor (EDPS) has issued an opinion on the European Union Agency for Cybersecurity’s (ENISA) use of the explicit consent derogation as a legal basis for cross border transfers to the US...more
Even in the absence of a cross-border transfer of personal data from the European Union to a third country, if you are using a vendor that has a U.S. parent company, get ready to implement supplementary measures, says the...more
In an increasingly datafied and globalized world, businesses have become reliant upon the seamless flow of cross-border data transfers. Transatlantic data flows play an important role in the U.S. economy. The U.S. and the...more
The European Commission has published an inception impact assessment for a potential legislative proposal establishing a European Health Data Space. In its document, the European Commission identifies the problems currently...more
On 13 January 2021, the Advocate General (AG) of the Court of Justice of the European Union (CJEU) issued an important opinion in the case of Facebook Belgium v Gegevensbeschermingsautoriteit (C-645/19) which considers the...more
Parties in the US are allowed broad and liberal discovery of electronically stored information (ESI) relevant and proportional to the claims and defenses in a legal action. When a US-based litigant seeks ESI stored in other...more
Earlier this week, the Court of Justice of the European Union, perhaps for the first time, drew a territorial limitation to the requirements imposed under the General Data Protection Regulation (‘GDPR’). The court held that...more
The European Data Protection Board (EDPB) has issued an opinion on the standard contractual clauses proposed by the Denmark Data Protection Authority that contains important takeaways for drafting and negotiating of all...more
These days, it has been commonplace for data breaches and data privacy issues to pervade the news cycle. Earlier this summer, data privacy also likely pervaded your inbox in the form of dozens of emails from companies...more
As part of its preparations for a “no deal” scenario when the Article 50 negotiating period comes to an end on 29 March 2019, the Department for Digital, Culture, Media and Sport (“DDCMS”) has released guidance on “Data...more
The UK Government is realistically ambitious in terms of achieving two objectives: (a) the continued exchange of personal data between the UK and the EU, and (b) the ICO’s participation in the One Stop Shop mechanism of...more
On September 13 the European Commission (“Commission” or “EC”) issued a proposal for a new Regulation on a framework for the free flow of non-personal data in the EU. ...more
Japan and the European Union announced an agreement in principle on major components of a substantial free trade deal on the eve of the recent G20 summit in Hamburg. This free trade deal rivals NAFTA in scope and impact, as...more
Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (GDPR). This is part three of a three-part Alston...more
In May 2015, the European Commission announced its Digital Single Market Strategy to accelerate the creation of a digital single market (DSM) across the EU. The EU’s aim is to broaden access to e-commerce, media and...more
BREXIT – THE NEXT STEPS - Despite the UK’s vote to leave the European Union, companies doing business in the UK can still continue to trade with the European Union in exactly the same way as they have done in the past –...more
Following the ECJ’s decision in the “Schrems” case which has invalidated the Safe Harbor framework multinational corporations may now face profound privacy law related compliance issues in a multitude of jurisdictions. In the...more
Thousands of U.S. and European companies who rely on the EU–US Safe Harbor Framework to permit the transfer of personal data from the EU to the U.S., have come a step closer to seeing the transfer mechanism struck down....more