Privacy Litigation

EU Council Issues New Consolidated GDPR and Accelerates GDPR’s Legislative Timetable

April 7, 2016 By Daniel Felz

Yesterday evening, the Council of Ministers issued a new consolidated version of the General Data Protection Regulation (GDPR). This is the first “clean” version of the GDPR that (a) incorporates all revisions agreed upon from the time of the Commission’s original 2012 proposal to the December 2015 trilogue compromise text; and (b) numbers individual provisions […]

Examining the Judicial Redress Act

January 26, 2016 By Privacy, Cyber & Data Strategy Team

The proposed Judicial Redress Act has recently been touted as a critical step towards developing a revised “Safe Harbor 2.0″ framework. (See our prior posts on Safe Harbor here and here.) This post summarizes the essential provisions of the bill as passed by the House of Representatives and currently pending before the U.S. Senate. As […]

FTC and Wyndham Settle Data Security Allegations

December 10, 2015 By Privacy, Cyber & Data Strategy Team

On December 9, 2015, the Federal Trade Commission announced that Wyndham Worldwide Corp., Wyndham Hotel Group LLC, Wyndham Hotels and Resorts, LLC, and Wyndham Hotel Management, Inc. (“Wyndham”) had agreed to settle FTC charges that the company’s security practices unfairly exposed the payment card information of consumers to hackers in three separate data breaches between […]

FTC’s Ability to Regulate Data Security Potentially Limited in FTC v. LabMD

November 19, 2015 By Alex Brown

A November 13, 2015 decision from the Federal Trade Commission’s Chief Administrative Law Judge, D. Michael Chappell, calls into question FTC enforcement in the data privacy space. The case began when the FTC filed a complaint on August 28, 2013 after an employee of LabMD, a cancer detection laboratory, downloaded peer-to-peer (“P2P”) software that exposed patient […]

European Commission Releases Communication on Schrems and Safe Harbor 2.0

November 10, 2015 By Privacy, Cyber & Data Strategy Team

On November 6, 2015, the European Commission released a widely-anticipated Communication assessing the impact of the judgment of the European Court of Justice (“ECJ”) in the Schrems case (C-362/14), which invalidated the U.S.-EU Safe Harbor framework. Though the Communication is not legally binding, it provides useful guidance to companies on transfers of personal data to the […]