Privacy & Cyber Regulatory Enforcement

Belgian Privacy Commission Issues DPIA “Black” and “White List” Recommendation

May 3, 2018 By Privacy, Cyber & Data Strategy Team

On February 28, 2018, the Belgian Privacy Commission issued a recommendation on the position it takes with regard to data protection impact assessments (or “DPIAs”) as foreseen in the GDPR. A DPIA under the GDPR is similar in scope and impact to its predecessor, the PIA (or “privacy impact assessment”) and requires businesses to assess […]

SEC Announces Its First Enforcement Action Over Cyber-related Disclosures

April 27, 2018 By Cara Peterman

The Securities and Exchange Commission’s $35 million settlement with Altaba Inc., the successor in interest to Yahoo! Inc., is the first civil penalty of its kind for a data breach and underscores the agency’s increasing focus on public companies’ cybersecurity disclosure obligations. A cross-practice team from our Securities Litigation and Cybersecurity Preparedness & Response groups […]

Privacy Commissioner of Hong Kong Issues a GDPR Guidance Document

April 4, 2018 By Maki DePalo

On April 3, the Hong Kong Office of the Privacy Commissioner for Personal Data (PCPD) announced the publication of the “European Union General Data Protection Regulation (GDPR) 2016” guidance document. The PCPD explains that the publication was issued to raise awareness among organizations and businesses in Hong Kong of the possible impact of the new […]

Council of the European Union publishes new draft ePrivacy Regulation

March 30, 2018 By Privacy, Cyber & Data Strategy Team

The Council of the European Union published a new draft of the ePrivacy Regulation (link here) for discussion purposes on 22 March. This draft aims to facilitate discussions as we are moving towards the final version of the ePrivacy Regulation. As such, the changes outlined below are not final, but rather indicative of the direction […]