Legislation

Bill Proposes Jail Time for Executives Who Conceal Data Breaches

December 4, 2017 By Privacy & Data Security Team

On November 30, 2017, a group of U.S. senators re-introduced a bill, known as the Data Security and Breach Notification Act, which seeks to impose criminal liability of up to five years of jail time on any corporate executive convicted of “intentionally and willfully” concealing a data breach. The bill also proposes that the Federal […]

Challenge to Privacy Shield Dismissed by EU General Court

November 29, 2017 By Daniel Felz

In October of last year, we reported that digital rights advocacy group Digital Rights Ireland (“DRI”) had brought an action to annul the EU-U.S. Privacy Shield. DRI filed its challenge before the General Court of the European Union, which is the court of first instance in the EU system with exclusive jurisdiction over challenges to […]

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 5 of 5

November 27, 2017 By Daniel Felz

Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR). On July 6, 2017, Germany did so by passing a statute titled the Data Protection Amendments and Implementation Act. The Act repeals Germany’s venerated Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG) and replaces it […]

Virginia Amends Data Breach Notification Law

October 19, 2017 By Privacy & Data Security Team

Virginia amended the state’s data breach notification law, effective July 1, 2017, to expand notification requirements for employers and payroll service providers to data breaches that involve “unauthorized access and acquisition of unencrypted and unredacted computerized data containing a [Virginia] taxpayer’s identification number in combination with the income tax withheld for that taxpayer. . . […]

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 4 of 5

October 10, 2017 By Daniel Felz