Alston & Bird Privacy, Cyber & Data Strategy Blog

Joint Regulatory Guidance Aims to Help Companies Transfer Personal Data Across ASEAN and EU Member States

By and

On May 23, 2023, the European Commission together with ASEAN (the Association of Southeast Asian Nations) published guidance that identifies commonalities and differences between the EU Standard Contractual Clauses for international data transfers (“SCCs”), and ASEAN’s Model Contractual Clauses (“MCCs”), to assist companies  with their efforts to comply with data transfer rules in both regions (see the joint guidance here). The Joint Guide to ASEAN Model Contractual Clauses and EU Standard … [Read more] about Joint Regulatory Guidance Aims to Help Companies Transfer Personal Data Across ASEAN and EU Member States

NYDFS Penalizes bitFlyer $1.2 Million for Violations to Cybersecurity Regulation

By , , and

ribbons of data

On May 1, 2023, bitFlyer USA, Inc. (“bitFlyer”) entered into a Consent Order with the New York Department of Financial Services (“DFS”) for multiple deficiencies in bitFlyer’s cybersecurity program, most notably for failure to conduct periodic risk … [Read more] about NYDFS Penalizes bitFlyer $1.2 Million for Violations to Cybersecurity Regulation

International Data Transfers: Lessons from the EDPB’s “101 Task Force”

By

In August 2020, privacy activist organization NOYB - European Center for Digital Rights filed 101 complaints with the EU Supervisory Authorities (‘SAs’) in connection with the transfer of personal data from Europe to the U.S., by companies that had … [Read more] about International Data Transfers: Lessons from the EDPB’s “101 Task Force”

EU Supervisory Authorities Clarify Breach Notification Requirements

By

Background On April 4th, 2023, the European Data Protection Board (‘EDPB’), which is composed of representatives of the EU national supervisory authorities and the European Data Protection Supervisor (‘EDPS’), published an updated version of the … [Read more] about EU Supervisory Authorities Clarify Breach Notification Requirements

China’s Standard Contractual Clauses for Cross-Border Transfers of Personal Information

By and

Chinese Flag & Data privacy symbol

On February 24, 2023, the Cyberspace Administration of China (“CAC”) released its final version of the Standard Contract Measures for Exporting Personal Information (“Standard Contract Measures”), accompanied by a template contract outlining the … [Read more] about China’s Standard Contractual Clauses for Cross-Border Transfers of Personal Information