On July 30, 2020, the European Council announced sanctions against six individuals and three organizations for their involvement in a series of cyber-attacks that have caused significant damage in the EU and around the world over the last several … [Read more] about EU Announces First Sanctions under EU Cyber Sanctions Regime
SEC Creates Event and Emerging Risk Examination Team
Following OCIE’s recent and detailed risk alert regarding the threat of ransomware, the SEC today announced that it has created the Event and Emerging Risk Examination Team (EERT) as a part of the Office of Compliance Inspections and Examinations … [Read more] about SEC Creates Event and Emerging Risk Examination Team
The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation
On Tuesday, July 21, 2020, the New York Department of Financial Services (the “NYDFS”) brought its first enforcement action under its Cybersecurity Regulation (the “Regulation”) against a large title insurer (the “Company”) for failing to protect … [Read more] about The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation
EDPB to Publish FAQs on Data Transfers
This morning, Germany’s Federal Data Protection Authority (DPA) announced that the European Data Protection Board (EDPB) has finalized an initial set of FAQs on international transfers in light of the recent Schrems II judgment. You can read our … [Read more] about EDPB to Publish FAQs on Data Transfers
EDPB clarifies Brexit obligations for holders of Binding Corporate Rules which have the UK ICO as their lead authority
On July 22, 2020, the European Data Protection Board (‘EDPB’) released an information note on Binding Corporate Rules (‘BCRs’), which provides guidance for groups of undertakings/enterprises which have the UK ICO as their competent supervisory … [Read more] about EDPB clarifies Brexit obligations for holders of Binding Corporate Rules which have the UK ICO as their lead authority