Privacy, Cyber & Data Strategy Team

EU Institutions Weigh In on Commission’s EU-U.S. Privacy Shield Proposal

June 6, 2016 By Privacy, Cyber & Data Strategy Team

Last week has seen two important developments in relation to the EU-U.S. Privacy Shield (“Privacy Shield”) for transfers of personal information from Europe to the United States. A draft adequacy decision and related documentation for the Privacy Shield were released by the EU Commission on February 29, 2016, and are now being reviewed by the […]

European Council Adopts the Network and Information Security Directive

May 19, 2016 By Privacy, Cyber & Data Strategy Team

On May 17, 2016, the European Council formally adopted its position at first reading of the Network and Information Security Directive (“NIS Directive”). The objective of the NIS Directive is to increase cooperation between EU Member States on issues of network and information security. Companies subject to the NIS Directive are required to adopt “appropriate […]

Illinois Makes Extensive Changes to Data Breach Notification Law

May 18, 2016 By Privacy, Cyber & Data Strategy Team

On May 6, 2016, Illinois Governor Bruce Rauner signed HB1260, which significantly updates the state’s Personal Information Protection Act. The changes take effect on January 1, 2017. When the new law becomes effective, Illinois’ data breach notification statute will include one of the broader definitions of the information which, if breached, will trigger notification […]

Nebraska Makes Changes to Data Breach Statute

April 19, 2016 By Privacy, Cyber & Data Strategy Team

Nebraska Governor Pete Ricketts has signed LB835 into law, updating the state’s data breach notification statute. The changes take effect on July 20, 2016. With the updates, Nebraska joins a growing number of states that include a username or email in combination with a password or security question and answer that would permit access to […]