Privacy & Cybersecurity

EU Commissioner Vera Jourova recently announced in a speech to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) that the Commission and the US have made substantial progress in finalizing a new Safe Harbor program.

As all of our readers know by now, as of October 6, the US-EU Safe Harbor Framework is no more. Safe Harbor was the mechanism on which thousands of US companies (and thousands of companies based in the European Union) legitimized their data transfers from the EU to the US.

The Irish High Court today has ordered the Irish Data Protection Commissioner (DPC) to investigate Facebook's European data privacy practices, bringing Max Schrems' three-year fight full circle. 

The so-called "Article 29 Working Party" of EU Data protection officials from the 28 EU member states today released a much-anticipated press release regarding the Court of Justice of the European Union (CJEU) landmark decision invalidating the US-EU Safe Harbor framework.

To take a step back from our continuing analysis of the situation and developments in Europe, there are other things going on in the privacy and data security world! Our October Wednesday Webinar is coming up and we will take a walk on the wild side: data security litigation. 

The EU Parliament committee that is charged with considering data protection matters (LIBE) has issued a press release calling on the European Commission to take action before the end of 2015 to come up with alternatives to Safe Harbor. 

As reported on Friday in the Krebs on Security blog, online broker Scottrade had sent an e-mail to customers earlier that day stating that it recently had learned from law enforcement officials that Scottrade was one of a number of financial services companies that had been victimized by data thieves. 

Don't forget to join us this afternoon - Wednesday - at 3 PM ET for a webinar discussion of the European Court of Justice's game changing decision invalidating the US-EU Safe Harbor framework. What's next? What should be your Plan B?

A press release issued by the Court of Justice of the EU (ECJ) regarding its decision in the Schrems Safe Harbor case (C-362/14) confirms that the ECJ has declared Safe Harbor invalid.

As I reported earlier today, the Court of Justice of the EU (ECJ) has declared Safe Harbor invalid.

Welcome to the first Monday in October!
The big issue for this week is tomorrow's impending decision from the European Court of Justice in the Schrems v. Facebook Safe Harbor matter.

Since the Snowden revelations, trouble has been brewing for the EU-US Safe Harbor program and companies which utilize this program to make transfers of personal information from the EU to the US legal under EU privacy laws.

Putting your organization's name in the paper can be a boon to both your business and your career. The ego stroke isn't bad either; it can be quite a jolt to see your name in a trade or general news publication for the first time. 

The European Court of Justice (ECJ) has announced that it will release its decision in the Schrems Safe Harbor case on Tuesday, October 6. It is highly unusual for the ECJ to issue a decision so quickly after publication of the Advocate General’s opinion on a case.  

EU data protection law prohibits the transfer of personal data to countries or territories outside the EEA unless they are considered to provide adequate protection. One of the ways certain US organisations can demonstrate an adequate level of protection is by signing up to the Safe Harbor principles, a self-certification standard operated by the US Department of Commerce and enforced by the FTC.

The SEC has announced a new round of cybersecurity inspections at broker-dealer and registered investment advisory firms. If that's not enough to catch your attention, just days after issuing the Risk Alert, the SEC censured and fined a St. Louis-based investment advisor for a failure to adopt written policies and procedures to ensure the confidentiality of personal information as required by law.

Does your company rely on Safe Harbor to transfer personal data from Europe to the U.S.? If so, it’s time to think about alternatives to Safe Harbor – and fast.

Giovanni Buttarelli, the European Data Protection Supervisor (EDPS), recently announced the formation of a new external Ethics Board that will do a deep dive into the complex ethical issues that surround the use of  personal data in the “big data” economy.

It's back to school time - time to put away the flip flops and beach chairs and settle back into the routine. To help motivate you, the Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) has announced a new round of cybersecurity examinations!

Companies that require customers to agree to receive autodialed marketing calls and text messages as a condition for using the companies’ services have been put on notice that they may be in violation of the Telephone Consumer Protection Act (“TCPA”).