National Security

‘Schrems II’ backs the European legal regime into a corner — How can it get out?

July 16, 2020 By Dorian Simmons

On July 16, the Court of Justice of the European Union struck down the EU-U.S. Privacy Shield in the ‘Schrems 2.0’ Case (Facebook Ireland and Schrems (Case C-311/18)). In an article for the International Association of Privacy Professionals, Alston & Bird Senior Counsel Peter Swire analyzes the decision and discusses potential implications, including those relating […]

Schrems 2.0: CJEU invalidates EU-US Privacy Shield and emphasizes exporter obligations when using Standard Contractual Clauses

July 16, 2020 By Paul Greaves and Wim Nauwelaerts

Executive Summary Today, the Court of Justice of the European Union (‘CJEU’) handed down its long-awaited judgment in the ‘Schrems 2.0’ case (Facebook Ireland and Schrems (Case C-311/18)), about the validity of two means of legitimizing transfers of personal data outside the EEA under the EU General Data Protection Regulation (‘GDPR’)[1]. In somewhat of a […]

DOJ Indicts Chinese Military Personnel for Involvement in 2017 Equifax Breach

February 11, 2020 By Privacy, Cyber & Data Strategy Team

On February 10, 2020, the U.S. Department of Justice announced charges against four members of China’s People’s Liberation Army (“PLA”) for their alleged involvement in the 2017 Equifax hack that resulted in the theft of the personal information of 145 million Americans. In the nine-count indictment, the four individuals, Wu Zhiyong, Wang Qian, Xu Ke, […]

Warning: Iranian Cyber Response Possible Against Private Industry

January 7, 2020 By James Harvey and Kim Peretti

After Friday’s announcement of the killing of Major General Qassem Soleimani, a leader of Iran’s Quds Force, several regulators have put industry on high alert of the increased potential for cyber-attack. Iran has a known history of launching cyber-attacks against US industry, and regulators warn industry to prepare for a possible rise in cyber-attacks. The […]

Treasury Announces Sanctions Against Cybercriminal Group Behind ‘Dridex’ Malware, Offering Mitigation Strategies for Businesses

December 11, 2019 By Privacy, Cyber & Data Strategy Team

On December 5, 2019, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) issued sanctions against Evil Corp, a Russian cybercriminal organization that is known for distributing the Dridex malware. Dridex is a banking trojan that has been used to target financial institutions across the globe and has resulted in more than $100 million […]