Peter Swire issued the following statement today following news of a revised Safe Harbor framework. Today the European Union and United States announced a new framework for transatlantic data flows, called the EU-US Privacy Shield. This will update the EU-US Safe Harbor agreement, for which I was part of the negotiating team in 2000. At […]
Board Governance & Cyber Risk Management
FTC Updates IdentityTheft.gov Website
The Federal Trade Commission (FTC) has announced updates to the IdentityTheft.gov website aimed at making the site more useful to victims of identity theft. The changes will enable consumers to quickly file complaints and develop a personalized recovery plan after answering a number of questions on the site. “Our hope is that this is going […]
The Importance of Strategic Vendors in Breach Response
Alston & Bird recently issued an Advisory, co-authored by Jim Harvey and Karen Sanzaro, on the complexities of managing a data breach that implicates strategic third party vendor relationships. Cybercrime and data security incidents are on the rise. Security breaches and the ensuing investigation and remediation process can be costly and complex. The process is […]
FTC PrivacyCon Event Examines Cutting-Edge Research and Current Policies Regarding Privacy and Data Security
The Federal Trade Commission held its PrivacyCon event, featuring nineteen presentations showcasing original research regarding important consumer privacy and security issues by leading academics from universities and think tanks from around the world. A full video recording of the webcast is available here. The conference took place in Washington on Jan. 14, 2016, and included […]
Germany’s Christmas Present: Data-Protection Class Actions
Following the European Court of Justice’s Schrems decision invalidating the Safe Harbor mechanism, much attention has focused on how the Data Protection Authorities (DPAs) of EU member states would interpret and enforce Schrems. While close attention to DPA activity is important—and will become even more so upon the passage of the EU General Data Protection […]