Legislation

UK Launches Public Consultation on GDPR Consent Guidance

March 8, 2017 By Privacy, Cyber & Data Strategy Team

The General Data Protection Regulation (GDPR) will come into force on 25 May 2018, replacing UK’s Data Protection Act 1998 (DPA). It is yet unclear how Brexit will play out, yet in the meantime the United Kingdom is moving to adopt the GDPR principles so that it adequately protects the personal data transferred within the […]

Australia Adopts New Data Breach Notification Legislation

March 6, 2017 By Adria Moshe and Privacy, Cyber & Data Strategy Team

On February 13, 2017 Australia became one more among nation states adopting data breach notification legislation. In recent House and Senate votes, the Australian Parliament amended the Privacy Act 1988, introducing mandatory data breach notification requirements for entities regulated by the Privacy Act. Who is Subject to the New Legislation? The recent bill requires entities […]

AG Empowers EU Privacy Suits with Redress Act Designations

January 19, 2017 By Privacy, Cyber & Data Strategy Team

Earlier this week, the U.S. Attorney General designated 26 countries and the European Union as “covered countr[ies]” under the Judicial Redress Act. The Attorney General has simultaneously designated 13 “Federal agenc[ies] or component[s]” under the Act. These designations enable citizens of the “covered countr[ies]” to sue and seek remedies in U.S. court if one of […]

California Updates Data Breach Notification Statute for 2017

October 17, 2016 By Privacy, Cyber & Data Strategy Team

California, which has historically been one of the states at the vanguard of data breach notification issues, has made an update to its statute that takes effect on January 1, 2017. The update will require companies to notify affected individuals of a data breach of encrypted information, if “the encryption key or security credential was, or […]