More regulators (apart from the FTC) are now taking note of cybersecurity issues in the financial services industry and are taking steps to protect the industry and its consumers. Earlier this year, the Consumer Financial Protection Bureau … [Read more] about Bank Regulators Issue Advanced Notice of Proposed Rulemaking on Cyber Risk Governance and Management Regulations
EU-U.S. Privacy Shield Faces Judicial Attack
The EU-U.S. Privacy Shield (“Privacy Shield”) is already under challenge before the European courts, after having been approved only some months ago by the European Commission (“EU Commission”). The European courts’ website records that an action … [Read more] about EU-U.S. Privacy Shield Faces Judicial Attack
The French Digital Republic Act: the New Powers of the French Data Protection Authority and Enhanced Rights of Individuals
On October 7, the French Digital Republic Act (the “Act”) was adopted following a widely-publicized consultation process. The Act amends the French Data Protection Act, and also modifies French law in various domains, including consumer protection, … [Read more] about The French Digital Republic Act: the New Powers of the French Data Protection Authority and Enhanced Rights of Individuals
ECJ Declares IP Addresses are Personal Data
Today, the European Court of Justice (ECJ) issued its long-awaited decision in Breyer v. Germany. Breyer addresses the question of whether IP addresses are “personal data” for purposes of EU data protection law. As is widely known, personal data is … [Read more] about ECJ Declares IP Addresses are Personal Data
California Updates Data Breach Notification Statute for 2017
California, which has historically been one of the states at the vanguard of data breach notification issues, has made an update to its statute that takes effect on January 1, 2017. The update will require companies to notify affected individuals of … [Read more] about California Updates Data Breach Notification Statute for 2017