Alston & Bird Privacy, Cyber & Data Strategy Blog

EDPB Issues New Guidance for Assessing Personal Data Breaches under the EU GDPR

January 10, 2022 By Paul Greaves and Wim Nauwelaerts

On Monday, 3 January 2022, the European Data Protection Board (“EDPB”) published the finalized version of its regulatory guidance entitled “Examples regarding Personal Data Breach Notification” (the “Guidelines”), following a public consultation on a draft set of guidelines in 2021. The finalized Guidelines are a practice-oriented, and case-based set of examples that leverage the experiences gained by EU Supervisory Authorities since the EU GDPR became applicable. The Guidelines build on and … [Read more] about EDPB Issues New Guidance for Assessing Personal Data Breaches under the EU GDPR

FTC Releases Warning to Companies that Fail to Mitigate Log4j Vulnerability

January 5, 2022 By Jon Knight and Alysa Austin

Less than a month ago, a critical vulnerability was identified in the ubiquitous, open source Log4j tool prompting swift guidance from Cybersecurity and Infrastructure Security Agency (CISA) and other security practitioners. Now, the Federal Trade … [Read more] about FTC Releases Warning to Companies that Fail to Mitigate Log4j Vulnerability

Time to Restore Trust in Data Flows between Countries? Peter Swire Discusses Recent OECD Efforts in Developing Principles for Government Access to Data.

January 4, 2022 By Privacy, Cyber & Data Strategy Team

Alston & Bird Senior Counsel Peter Swire recently published an article in Lawfare titled, “Towards OECD Principles for Government Access to Data.” Peter and his co-authors discuss recent efforts of the Organization for Economic Cooperation and … [Read more] about Time to Restore Trust in Data Flows between Countries? Peter Swire Discusses Recent OECD Efforts in Developing Principles for Government Access to Data.

Update: FTC Amendments to the Safeguards Rule and Request for Comment on Proposed Reporting Requirement Published to the Federal Register

December 15, 2021 By Kim Peretti, Kathleen Benway and Kate Hanniford

As an update to prior coverage of the FTC’s final revisions to the Gramm-Leach-Bliley Safeguards Rule (Final Rule), following its publication in the Federal Register on December 9, 2021, the Final Rule now will take effect on January 8, 2022, 30 days … [Read more] about Update: FTC Amendments to the Safeguards Rule and Request for Comment on Proposed Reporting Requirement Published to the Federal Register

NYDFS Issues Guidance on Multi-Factor Authentication

December 14, 2021 By Kim Peretti and Kate Hanniford

The New York Department of Financial Services (NYDFS) continues to refine its position regarding the importance of and requirements regarding Multi-Factor Authentication (MFA), as evidenced most recently with the release of new guidance. This new … [Read more] about NYDFS Issues Guidance on Multi-Factor Authentication