The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 211: Cybersecurity and Privacy Risks for the Healthcare Industry with Brandon Robinson of Maynard Nexsen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
The EU Data Act is one of the cornerstones of the EU's Data Strategy and introduces a new and horizontal set of rules on data access and use to boost the EU's data economy. Most of the provisions of the Data Act will become...more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Theodore Christakis, Professor of International Law at the University Grenoble Alpes and Senior Fellow and Director of Research for Europe at the Cross-Border Data Forum, has published a new comprehensive analysis on...more
On September 7, 2023, the Saudi Authority for Data and Artificial Intelligence (SDAIA) issued the Implementing Regulations of the Personal Data Protection Law (the Implementing Regulations) and the Regulations on Personal...more
As we’ve written about before, the question of anonymization can be tricky. When is something “anonymized” or merely “de-identified” or “pseudonymous” — and when does it matter? This is a particularly fraught issue under...more
The GDPR allows individuals to request information about the “recipients or categories of recipients” to whom their personal data has been disclosed. In a recent ruling, the EU’s Court of Justice said data subjects get to...more
Since Schrems II invalidated the US/EU Privacy Shield, the flow of personal data from the European Union to the United States has been subject to intense regulatory scrutiny. Companies transferring personal data to the United...more
Key Points - President Biden has signed the long-awaited executive order implementing U.S. commitments to the new successor agreement to the Privacy Shield, the EU-U.S. Data Privacy Framework—a historic step in respect of...more
A new legal mechanism to allow for transfers of personal data between the EU and the U.S. is now advancing after an October 7th, 2022 Executive Order was issued by U.S. President Biden (the “Executive Order”). The new...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
...This session, led by industry-acknowledged experts in areas ranging from data protection and privacy to data transfer and legal discovery, provided a professional forum for the explanation of the best approaches,...more
After two-plus years of mostly attending CLEs, webinars, and other knowledge-building events via Zoom, Teams or some other virtual platform, it was great to get together with like-minded privacy professionals in Washington,...more
On March 25, 2022, the U.S. and EU announced that they reached a political agreement in principle on a new "Trans-Atlantic Data Privacy Framework" (the Framework). This would be the third framework for EU-U.S. personal data...more
In light of the “changed security policy situation” following Russia’s invasion of Ukraine, the Norwegian data protection regulator recently encouraged any company that exports personal data to Russia and Ukraine to review...more
European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
The concept of a “transfer” under Chapter V of the GDPR has always been a bit like obscenity. We didn’t have an authoritative definition, but with apologies to the late Justice Potter Stewart, we knew it when we saw it. And...more
The European Data Protection Board (EDPB) has provided further guidance on data transfers. Specifically, this most recent guidance clarifies what constitutes a “transfer.” While the concept of a transfer may seem...more
The European Data Protection Board (EDPB), the body which represents EU data protection authorities, has adopted guidelines (Guidelines) confirming when transfers need to be “safeguarded” in accordance with the GDPR (and...more
They State That Direct Collection of Personal Data by Non-EU Companies Is Not a "Data Transfer" Under the GDPR On November 18, 2021, the European Data Protection Board (EDPB) issued guidelines (Guidelines) that—for the first...more
Whilst European and North American businesses are well accustomed to dealing with complex data protection legislation, businesses in the MENA region have by and large not had to consider the same in their local markets. ...more
The law will take effect on November 1, 2021 giving companies under two months to ensure their privacy policies and systems comply. On August 20, the Standing Committee of the 13th National People’s Congress of China...more
The United Kingdom Information Commissioner’s Office (ICO) recently launched a consultation regarding the transfer of personal data outside of the U.K. The ICO is seeking comment on its draft international data transfer...more
The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more
Personal data can continue to flow freely between Europe and the United Kingdom (UK) following an agreement by the European Union (EU) to adopt an Adequacy Decision under Article 45 of Regulation 2016/679 (the General Data...more