On June 16, 2023, the Council of Europe’s Committee of Convention 108+ (i.e., the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data) adopted Model Contractual Clauses for cross-border data flows … [Read more] about Council of Europe Launches Model Contractual Clauses for Transfers of Personal Data
On June 7, 2023, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Joint Cybersecurity Advisory in connection with a recent zero-day (or previously undetected) vulnerability in … [Read more] about CL0P Ransomware Gang’s Exploitation of MOVEit Vulnerability: What It Means for Companies
On May 23, 2023, the European Commission together with ASEAN (the Association of Southeast Asian Nations) published guidance that identifies commonalities and differences between the EU Standard Contractual Clauses for international data transfers … [Read more] about Joint Regulatory Guidance Aims to Help Companies Transfer Personal Data Across ASEAN and EU Member States
On May 1, 2023, bitFlyer USA, Inc. (“bitFlyer”) entered into a Consent Order with the New York Department of Financial Services (“DFS”) for multiple deficiencies in bitFlyer’s cybersecurity program, most notably for failure to conduct periodic risk … [Read more] about NYDFS Penalizes bitFlyer $1.2 Million for Violations to Cybersecurity Regulation
In August 2020, privacy activist organization NOYB - European Center for Digital Rights filed 101 complaints with the EU Supervisory Authorities (‘SAs’) in connection with the transfer of personal data from Europe to the U.S., by companies that had … [Read more] about International Data Transfers: Lessons from the EDPB’s “101 Task Force”