EU Regulation

European Council Adopts the Network and Information Security Directive

May 19, 2016 By Privacy, Cyber & Data Strategy Team

On May 17, 2016, the European Council formally adopted its position at first reading of the Network and Information Security Directive (“NIS Directive”). The objective of the NIS Directive is to increase cooperation between EU Member States on issues of network and information security. Companies subject to the NIS Directive are required to adopt “appropriate […]

European Data Protection Supervisor Issues Information Security Risk Management Guidance for E.U. Institutions

March 31, 2016 By Privacy, Cyber & Data Strategy Team

The European Data Protection Supervisor (“EDPS”) Giovanni Buttarelli issued a guidance document on data security and risk management for the E.U. institutions (such as the European Parliament, the European Council, and the Council of the European Union) on March 21, 2016. Although aimed at E.U. institutions, the document may nonetheless become a source of guidance […]

Alston & Bird Issues Cyber Alert on the EU Network Information Security Directive

March 29, 2016 By Cybersecurity Preparedness & Response Team

This morning, Alston & Bird partner Jim Harvey issued an Advisory on the EU’s forthcoming Network Information Security Directive (“NIS Directive”). National laws passed to implement the NIS Directive will impose substantial new compliance responsibilities on providers of “essential services,” as well as on a broad range of “digital service providers”—potentially even if a digital […]

A Brief Overview of the Privacy Shield

March 15, 2016 By Privacy, Cyber & Data Strategy Team

A one page summary is now available to help U.S. organizations initially evaluate whether the Privacy Shield represents a viable mechanism to legitimize their transfer of personal data from the European union. The summary lists the key features and requirements of the Privacy Shield, some of which were contained in the now-invalidated EU-U.S. Safe Harbor Framework, […]