Board Governance & Cyber Risk Management

Irish High Court refers Facebook’s data case to the European Court of Justice

October 3, 2017 By Privacy, Cyber & Data Strategy Team

In what it considered “an unusual case” (available here), the Irish High Court has referred the issue of the way data is transferred between the EU and countries outside the EU to the Court of Justice of the European Union (“CJEU”). Ms. Justice Caroline Costello will ask the CJEU for a preliminary ruling on the […]

UK Introduces Draft Data Protection Bill

September 26, 2017 By Privacy, Cyber & Data Strategy Team

A few days ago the UK’s Department for Digital, Culture, Media & Sport introduced the Data Protection Bill 2017 (“the Bill”). Once adopted by the legislature, the Bill will replace the Data Protection Act 1998, which is currently in force. The purpose of the Bill is to transpose the EU General Data Protection Regulation (“the […]

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 2 of 5

September 25, 2017 By Daniel Felz

Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR). On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it […]

SEC Chairman Jay Clayton Announces Data Breach of SEC Systems Which May Have Led to Insider Trading

September 25, 2017 By Cara Peterman and Privacy, Cyber & Data Strategy Team

SEC Chairman Jay Clayton issued a public statement on Cybersecurity (the “Clayton Statement”) last week, disclosing a 2016 attack on the SEC’s database of corporate filings. The intrusion exploited a vulnerability in the test filing component of the EDGAR system, a document repository for disclosures from public companies and issuers, through which the intruder was […]