Germany boasts one of the world’s largest, most sophisticated, and international economies. Companies doing business in Germany are thus an increasingly relevant target for cyberattacks. Germany‘s Federal Criminal Police Office (Bundeskriminalamt or BKA) is the federal law enforcement agency charged with investigating cybercrime, and for coordinating federal-state cooperation in cybercrime matters. The BKA recently published […]
Georgia Introduces Privacy Bill Stricter than CCPA – the Top 10 Issues
On January 26, 2022, the Georgia General Assembly introduced a bill titled the Georgia Computer Data Privacy Act (GCDPA). Despite its title, the GCDPA is not a “computer”-focused bill. It is instead is an omnibus privacy statute modeled after California’s Consumer Privacy Act (CCPA). The GCDPA was introduced by the Republican leadership in Georgia’s state […]
Swiss Data Protection Regulator Is Latest to Outline Framework for Transferring Data to the SEC
Entities registered with the U.S. Securities & Exchange Commission (SEC) must maintain certain books and records and can be subject to the SEC’s examination, inspection, and enforcement authority. Responding to SEC requests can require cross-border transfers of personal data, and this has historically risked non-compliance under foreign data protection law. The SEC has been proactive […]
Alston & Bird Publishes 10 Key Takeaways from the New Standard Contractual Clauses
As highlighted by this blog on Friday, the European Commission has published long-awaited Standard Contractual Clauses (SCCs). These represent the first updates to the SCCs in over a decade, with the last updates having been made in 2010. Alston & Bird partner Wim Nauwelaerts has now published an advisory titled “10 Key Takeaways from the […]
European Commission Publishes Long-Awaited New Standard Contractual Clauses
Today, the European Commission published finalized versions of new Standard Contractual Clauses (SCCs). The Commission has published two sets of clauses: A set of SCCs to be used in controller-to-processor situations in conjunction with Art. 28 GDPR “data processor” terms applicable to such situations. A more general set of modular SCCs that can be used […]