In a concise statement, the Article 29 Working Party (WP29), a consortium of European Data Protection Authorities (DPAs), released a position paper today about the landmark ruling of the European Court of Justice in Maximilian Schrems v. Data Protection Commissioner (C-362-14). WP29 makes a political call on the EU Member States to finalize discussions with […]
Privacy & Cyber Regulatory Enforcement
Alston & Bird Publishes FAQs To Help Companies Sort Through Schrems Decision
Alston & Bird has published FAQs regarding the recent decision by the European Court of Justice holding that the U.S.-E.U. Safe Harbor Framework is invalid (also known as the Schrems decision). Please see our blog entry on the decision here. These FAQs are designed to help companies that rely on the Safe Harbor Framework to […]
A Discussion with FTC Commissioner Julie Brill: The Future of Trans-Atlantic Privacy
On October 20, Alston & Bird will host a panel discussion with FTC Commissioner Julie Brill. The event will be broadcast as a webinar. Commissioner Brill will discuss the future of U.S. – European privacy with Senior Counsel Peter Swire. The discussion will be moderated by Partner Jim Harvey. This timely discussion with Commissioner Brill […]
David Keating Quoted on Law360 about Data Transfer Issues After Safe Harbor is Invalidated
David Keating, partner and co-leader of the firm’s Privacy & Data Security practice, was quoted on Law360 regarding the practical impact on companies of the decision of the European Court of Justice (ECJ) invalidating the EU-U.S. Safe Harbor program for transfers of personal data. The ECJ decision requires companies to evaluate the mechanisms they and their vendors use to move data out […]
California Updates Data Breach Notification Statute; Provides Model Notification Form
On October 6, California Governor Jerry Brown signed into law two different updates to California’s data breach notification statute. Both updates will become effective on January 1, 2016. The first update, AB 964, defines “encrypted” for purpose of the statute to mean ”rendered unusable, unreadable, or indecipherable to an unauthorized person through a security technology […]