Kim Peretti, partner and co-chair of the firm’s Cybersecurity Preparedness & Response Team, was quoted in an InsideCybersecurity daily news report on October 2 titled, “Amid regulatory fears, boards improve on cybersecurity.” A recent report from Georgia Tech Information Security Center shows an increase in boardroom involvement in cybersecurity management – 63 percent of boards are now actively addressing IT […]
Regulation
European Court of Justice Strikes Down Safe Harbor
In a momentous judgment, the European Court of Justice (“ECJ”) today invalidated the European Commission’s decision establishing the E.U.-US Safe Harbor for transfers of personal data (“Safe Harbor Decision”). The ruling was made with record dispatch, following on an Advocate General Opinion recommending invalidation that was delivered to the Court only two weeks ago. Facts […]
Swire Challenges Factual Basis of Schrems Decision
In an article published today, Senior Counsel Peter Swire challenges the factual basis for the Advocate General’s recent opinion in the so-called “Schrems case” against the E.U.-U.S. Safe Harbor framework. Thousands of U.S. businesses rely on the Safe Harbor framework in order to support the transfer of data from the European Union. As previously discussed […]
SEC Sanctions Investment Adviser Under the Safeguards Rule
The Securities and Exchange Commission (“SEC”) has sanctioned an investment adviser and fined it $75,000 for failing to “adopt written policies and procedures reasonably designed to protect customer records and information.” The SEC alleges that this failure, which was a violation of its Safeguards Rule, contributed to a cyber attack against the investment adviser that […]
Safe Harbor Framework in Jeopardy after Advocate General Decision
Today, Advocate General Yves Bot advised the European Court of Justice that the US-EU Safe Harbor framework for the protection of trans-Atlantic transfers of personal data is invalid. The long awaited Opinion of the Advocate General in the so-called “Schrems case” (Case C-362/14 Maximilian Schrems v. Data Protection Commissioner) has now been published. The case […]