EU Data Protection

EU-US Privacy Shield – FAQs

July 12, 2016 By Daniel Felz and Privacy, Cyber & Data Strategy Team

Today, the European Commission (“EU Commission”) formally approved a new transatlantic framework for the transfer of personal data from Europe to the United States (“U.S.”) (the “Privacy Shield”). Under the EU Commission’s decision approving the new framework ( the “Adequacy Decision”), U.S. organizations participating in the Privacy Shield will be deemed to ensure an “adequate […]

EU Institutions Weigh In on Commission’s EU-U.S. Privacy Shield Proposal

June 6, 2016 By Privacy, Cyber & Data Strategy Team

Last week has seen two important developments in relation to the EU-U.S. Privacy Shield (“Privacy Shield”) for transfers of personal information from Europe to the United States. A draft adequacy decision and related documentation for the Privacy Shield were released by the EU Commission on February 29, 2016, and are now being reviewed by the […]

European Council Adopts the Network and Information Security Directive

May 19, 2016 By Privacy, Cyber & Data Strategy Team

On May 17, 2016, the European Council formally adopted its position at first reading of the Network and Information Security Directive (“NIS Directive”). The objective of the NIS Directive is to increase cooperation between EU Member States on issues of network and information security. Companies subject to the NIS Directive are required to adopt “appropriate […]

European Data Protection Supervisor Issues Information Security Risk Management Guidance for E.U. Institutions

March 31, 2016 By Privacy, Cyber & Data Strategy Team

The European Data Protection Supervisor (“EDPS”) Giovanni Buttarelli issued a guidance document on data security and risk management for the E.U. institutions (such as the European Parliament, the European Council, and the Council of the European Union) on March 21, 2016. Although aimed at E.U. institutions, the document may nonetheless become a source of guidance […]