The Article 29 Working Party group (WP29) of European data protection authorities recently announced that they will legally challenge the adequacy of the Privacy Shield Framework unless the U.S. government addresses certain “prioritized concerns” by May 25, 2018. Privacy Shield provides a framework which helps over 2500+ participating U.S. companies legally transfer EU personal data […]
Enforcement
An English-Language Primer on Germany’s GDPR Implementation Statute: Part 5 of 5
Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR). On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it […]
Virginia Amends Data Breach Notification Law
Virginia amended the state’s data breach notification law, effective July 1, 2017, to expand notification requirements for employers and payroll service providers to data breaches that involve “unauthorized access and acquisition of unencrypted and unredacted computerized data containing a [Virginia] taxpayer’s identification number in combination with the income tax withheld for that taxpayer. . . […]
David Keating and Karen Sanzaro to Speak at the 2017 Privacy + Security Forum
David Keating, partner and co-leader of the firm’s Privacy & Data Security practice, and Karen Sanzaro, counsel in the Technology & Privacy Group, will be speakers at the 2017 Privacy + Security Forum in Washington, DC, taking place on October 4-6, 2017. David Keating will be speaking during the session on “Emerging Consumer Tracking and Analytics […]
FTC Announces First Privacy Shield Enforcement Actions
The Federal Trade Commission recently announced that it had settled charges against three companies alleged to have falsely claimed participation in Privacy Shield. Privacy Shield supports EU – U.S. transfers of personal data by helping U.S. companies demonstrate compliance with European Union data transfer rules. Companies participating in the program commit to meet specific program requirements […]