Board Governance & Cyber Risk Management

French data protection regulator fines Google and Amazon for non-compliance with EU cookie rules

December 14, 2020 By Wim Nauwelaerts and Privacy, Cyber & Data Strategy Team

On 7 December 2020, the French supervisory authority CNIL (Commission nationale de l’informatique et des libertés, French data protection authority) imposed substantive fines on Amazon and Google for allegedly placing advertising cookies on the computers of users in France without prior consent or providing adequate information. Amazon Europe Core was fined 35 million euros, and […]

California AG Proposes Regulatory Changes to CCPA

December 10, 2020 By Privacy, Cyber & Data Strategy Team

Today, the California Attorney General’s office provided “Notice of Fourth Set of Modifications” to regulations under the California Consumer Privacy Act. The new proposed regulatory text would modify the current regulations which took effect in August. The latest proposal responds to comments on a prior draft and primarily addresses the presentation of the right to […]

European Commission Publishes Draft ‘Article 28’ Standard Contractual Clauses

November 18, 2020 By Paul Greaves, Wim Nauwelaerts and Privacy, Cyber & Data Strategy Team

In addition to issuing new (draft) standard contractual clauses for transferring personal data outside of the EEA, on November 12, the European Commission published a draft decision on standard contractual clauses between controllers and processors (‘Clauses’) for the matters referred to in Article 28(3) and (4) of Regulation (EU) 2016/679 (“GDPR”). Article 28(3) and (4) […]

Alston & Bird Analyzes New California Privacy Rights Act in Client Alert

November 4, 2020 By Privacy, Cyber & Data Strategy Team

Yesterday, California voters approved a ballot initiative containing the California Privacy Rights Act of 2020. The ballot initiative significantly revises the existing California Consumer Privacy Act to create arguably the most comprehensive state privacy law in the United States. Alston & Bird has now issued a client alert explaining key impacts of this law. The […]

DOJ Announces Indictment of Russian Hackers for Destructive Cyber-Attacks, Including Deployment of NotPetya and Olympic Destroyer Malware

October 21, 2020 By Privacy, Cyber & Data Strategy Team

On October 19, 2020, the Department of Justice (DOJ) announced that six Russian GRU officers had been charged in connection with a series of destructive cyber-attacks that affected victims around the globe and caused billions of dollars of damage. The Russian hackers are alleged to be a part of the group known as Sandworm, which […]