China Passes Long-Awaited Measures on Security Assessment for Data Export07.14/Alert
On July 7, 2022, the Cyberspace Administration of China (CAC) of the People’s Republic of China (PRC or China) released the final version of the long-awaited Measures on Security Assessment for Data Export (Measures, “《数据出境安全评估办法》” in Chinese). The Measures specify the thresholds of data and information, the export of which is subject to CAC’s security assessment.
Landmark Federal Privacy Bill Clears First Congressional Hurdle07.08/Alert
In early June, Rep. Frank Pallone (D-NJ-6) and Rep. Cathy McMorris Rodgers (R-WA-5), the Chair and Ranking Member of the House Energy & Commerce Committee, along with Senator Roger Wicker (R-MS), Ranking Member of the Senate Science, Commerce & Transportation Committee, unveiled a draft federal privacy bill known as the “American Data Privacy and Protection Act.” The proposal—the first to garner bipartisan, bicameral support in Congress—would establish a national framework to protect consumer data privacy and security and bolster individual privacy rights.
Data Privacy Fines and Damages “Double Jeopardy”: UK Supreme Court Hears Google “Class Action”04.29/Alert
This week sees a key hearing before the UK Supreme Court in the case of Lloyd v Google, an event long awaited by those familiar with data protection law proceedings in Europe.
New EU Data Laws—What Nonprofit Organizations Need To Know04.23/Alert
Nonprofit organizations can often handle large amounts of data originating in the EU. Though it is a common misconception that nonprofits are exempt from GDPR compliance, the fact is they are not.
Blockchain and the Legal Landscape03.26/Video
In this video, Pillsbury partner Mercedes Tunstall discusses some of the important legal issues to consider when exploring a blockchain solution.
Oh No, Mr. Robot Just Hacked Our Smart Building…03.26/Blog
Despite some very real-world examples, such as a 2017 breach of Dallas' emergency siren system, there seems to be little recognition of the security risk that connected buildings and smart cities entail.
Top Ten Emerging Trends in Pay Ratio Disclosure03.21/Alert
Preliminary trends are emerging from the pay ratio disclosures filed by U.S. public companies in 2018.
European Businesses Offering Payment Services Told How to Manage Operational and Security Risks01.29/Alert
The European Banking Authority has unveiled nine operational and risk management guidelines with which all payment services providers are expected to comply.
Time Is of the Essence: Multinational Companies Must Respond to Cyber Regulation11.30/Blog
Cyberinsurance could help mitigate risk for companies impacted by the new EU General Data Protection Regulation when it takes effect in May.
EU Data Transfer Solutions Under Further Judicial Scrutiny – What Next For Model Contract Clauses?11.16/Blog
Many organizations rely on MCCs to transfer personal data worldwide. That's why data exporters await an EU ruling on the issue with bated breath.
The ICO’s Draft Guidance Leaves Unanswered Questions on Processor Obligation to Notify Infringing Instructions11.13/Blog
One GDPR requirement has been a particular source of angst for commercial and data protection professionals--especially those acting for processors and sub-processors.
Cyberattacks Are the New Norm09.21/Alert
Attorneys general are increasingly launching investigations and filing lawsuits against companies whose customer databases have been stolen. Because of the significant possibility of government action, companies should fully understand their liability insurance policies, obligations and risks.