• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Regulatory Enforcement

EDPB Issues New Guidance for Assessing Personal Data Breaches under the EU GDPR

January 10, 2022 By Paul Greaves and Wim Nauwelaerts

On Monday, 3 January 2022, the European Data Protection Board (“EDPB”) published the finalized version of its regulatory guidance entitled “Examples regarding Personal Data Breach Notification” (the “Guidelines”), following a public consultation on a draft set of guidelines in 2021. The finalized Guidelines are a practice-oriented, and case-based set of examples that leverage the experiences […]

Filed Under: Cybersecurity, Data Breach, Data Protection, Data Security, Enforcement, Privacy Tagged With: Data Breach Notification, Data Protection, EU Data Protection, EU Privacy, EU Regulation, European Union (EU), Regulatory Enforcement

Swiss Data Protection Regulator Is Latest to Outline Framework for Transferring Data to the SEC

August 17, 2021 By Daniel Felz, Kate Hanniford and Wim Nauwelaerts

Entities registered with the U.S. Securities & Exchange Commission (SEC) must maintain certain books and records and can be subject to the SEC’s examination, inspection, and enforcement authority. Responding to SEC requests can require cross-border transfers of personal data, and this has historically risked non-compliance under foreign data protection law. The SEC has been proactive […]

Filed Under: Data Protection, Financial Privacy, International, Privacy, Regulation Tagged With: Cross-border, EU Data Protection, International Data Transfers, Regulatory Enforcement, Securities and Exchange Commission

California Mandates COVID Exposure and Outbreak Reporting to Employees, Government Agencies

September 23, 2020 By Daniel Felz and Privacy, Cyber & Data Strategy Team

On Thursday, September 17, 2020, California Governor Gavin Newsom signed Assembly Bill 685 (“AB685”) into law.  AB685 amends a number of portions of California’s Labor Code to address the COVID-19 pandemic.  In addition to provisions that regulate reopening activities at California worksites, AB685 introduces two new COVID-related notification obligations for California employers: (1) a requirement […]

Filed Under: Advisories, California, Cybersecurity, Health Privacy, Online Privacy, Privacy, Regulation Tagged With: Behavioral Tracking, Big Data, Cybersecurity, Health Information Security, Regulatory Enforcement

EDPB Emphasizes Joint Controllership between Social Media Providers and ‘Targeters’ in Draft Guidance

September 10, 2020 By Paul Greaves

On September 7, 2020, the European Data Protection Board (‘EDPB’) published its draft guidelines on targeting of social media users (the ‘Guidelines’). The EDPB is accepting feedback from stakeholders on the Guidelines until October 19, 2020. The Guidelines not only provide guidance on the obligations of social media providers (‘Providers’) under the EU General Data […]

Filed Under: Data Protection, ePrivacy, GDPR, Privacy Tagged With: Behavioral Tracking, EU Data Protection, EU Privacy, EU Regulation, European Union (EU), GDPR, GDPR Implementation, Marketing, Regulatory Enforcement, Social Media

German DPA Publishes Schrems II Transfer Compliance Checklist and Suggested Modifications to SCCs

August 26, 2020 By Daniel Felz and Paul Greaves

On August 24, 2020, the data protection authority of the German state of Baden-Württemberg (the “DPA”) published guidance (the “Guidance”) on international transfers of personal data following the Schrems II judgment (which we have previously covered here). This represents the first comprehensive guidance by a European privacy supervisor indicating how it intends to enforce the […]

Filed Under: Data Protection, Enforcement, International, Privacy, Uncategorized Tagged With: Cross-border, European Court of Justice, European Union (EU), GDPR, International Data Transfers, Max Schrems Decision, Regulatory Enforcement

  • « Go to Previous Page
  • Page 1
  • Interim pages omitted …
  • Page 5
  • Page 6
  • Page 7
  • Page 8
  • Page 9
  • Interim pages omitted …
  • Page 16
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • Texas Expands Data Broker Act Requirements
  • United States, International Coalition Issue Joint Warning of Increasing PRC Backed Threat Activity
  • CISA Gives Itself an Extension for Cyber Incident Reporting Rules
  • Compliance Deadline for Colorado AI Act Delayed Until June 30, 2026
  • Multistate Privacy Investigative Sweep Targeting Website Global Privacy Control (GPC) Noncompliance
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website.