On May 25, 2018, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of processing activities. Under Article … [Read more] about German DPAs to Create Model Processing Records for GDPR Compliance
Department of Commerce Announces First Privacy Shield Participants
Over the weekend, the Department of Commerce’s Privacy Shield website was updated to show the first participants in the U.S.-EU Privacy Shield. In total, about 45 companies have registered for Privacy Shield. Prominent examples include Microsoft … [Read more] about Department of Commerce Announces First Privacy Shield Participants
FTC Overrules LabMD Dismissal, Finds Unfair Data Security Practices
The FTC issued an Opinion and Final Order reversing the previously dismissed charges against LabMD on July 29. FTC Administrative Law Judge (ALJ) D. Michael Chappell had dismissed the case against LabMD on November 13, 2015 based on an insufficient … [Read more] about FTC Overrules LabMD Dismissal, Finds Unfair Data Security Practices
FERC Takes Action on Cybersecurity in Response to Ukrainian Cyber Attacks
The Federal Energy Regulatory Commission (“FERC”) issued a Notice of Inquiry (“NOI”) and Final Rule at the end of July to address several urgent cybersecurity issues affecting the bulk electric system. FERC is taking these actions in the face of … [Read more] about FERC Takes Action on Cybersecurity in Response to Ukrainian Cyber Attacks
German DPAs Will Not Be Able to Challenge Privacy Shield this Year
Even before the ECJ’s Schrems decision invalidated Safe Harbor, the European Commission had begun working closely with US negotiators to craft what has become the U.S.-EU Privacy Shield. While EU privacy leaders have noted that Privacy Shield … [Read more] about German DPAs Will Not Be Able to Challenge Privacy Shield this Year