Yesterday evening, the Council of Ministers issued a new consolidated version of the General Data Protection Regulation (GDPR). This is the first “clean” version of the GDPR that (a) incorporates all revisions agreed upon from the time of the Commission’s original 2012 proposal to the December 2015 trilogue compromise text; and (b) numbers individual provisions […]
International
European Data Protection Supervisor Issues Information Security Risk Management Guidance for E.U. Institutions
The European Data Protection Supervisor (“EDPS”) Giovanni Buttarelli issued a guidance document on data security and risk management for the E.U. institutions (such as the European Parliament, the European Council, and the Council of the European Union) on March 21, 2016. Although aimed at E.U. institutions, the document may nonetheless become a source of guidance […]
Department of Justice Indicts Seven Iranians for State-Sponsored Hacking
The Department of Justice has announced the indictment of seven Iranian hackers alleged to work for the Iranian government on charges stemming from a coordinated string of distributed denial of service (“DDoS”) attacks primarily against U.S. financial institutions from 2011 to 2013. One of the hackers is also charged with hacking into the supervisory control […]
EU Privacy Leaders Discuss US-EU Privacy Shield at Event Co-Hosted by A&B Partner
On March 22, 2016, the International Association of Privacy Professional (IAPP) hosted a podium discussion in Brussels on the new EU-US Privacy Shield. Alston & Bird co-hosted the event, which featured two top-notch privacy luminaries from EU legislative and oversight bodies: Mr. Giovanni Buttarelli, the present European Data Protection Supervisor (EDPS). Mr. Bruno Gencarelli, Head […]
A Brief Overview of the Privacy Shield
A one page summary is now available to help U.S. organizations initially evaluate whether the Privacy Shield represents a viable mechanism to legitimize their transfer of personal data from the European union. The summary lists the key features and requirements of the Privacy Shield, some of which were contained in the now-invalidated EU-U.S. Safe Harbor Framework, […]