The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
Mayer Brown Partners Ana Bruder, Justin Herring, and Oliver Yaros focus on cybersecurity risks and regulations in the EU and UK. They explore third-party risks, ransomware incidents, and the impact of AI, while examining how...more
Katten's Financial Markets and Funds Quick Take is a monthly newsletter highlighting key noteworthy developments potentially affecting financial markets and funds....more
Beginning October 12, 2023, the UK-U.S. Data Bridge will allow UK companies to transfer personal data to the United States using the new EU-U.S. Data Privacy Framework....more
Data transfers from the EU to the US will now be easier for many companies, following a long-awaited decision from the European Commission. More than a year after the first announcement of the Trans-Atlantic Data Privacy...more
On November 28, 2022, the Council of the European Union formally adopted the Network and Information Security 2 Directive (NIS 2 Directive), replacing the current NIS Directive (Directive 2016/1148/EC). On 27 December 2022,...more
The UK government set out its detailed proposals for data protection reform on 18 July 2022 in the form of the Data Protection and Digital Information Bill. Compared with some of the radical ideas in the 2021 public...more
Employers often want to have a data retention policy that works for all of their international operations. We look at the challenges with this approach and how to make it work in practice....more
A recent UK Court of Appeal decision highlights ongoing uncertainty regarding the jurisdictional reach of the GDPR and invites intervention from the Information Commissioner’s Office. ...more
The following outlines where Katten can help clients to comply with their General Data Protection Regulation (GDPR) obligations. This note is appropriate for clients that are already doing business in the UK or the EU, or may...more
The United Kingdom has been busy in the past couple of weeks starting to chart its independent course on data protection and privacy matters. We should keep in mind, however, that some of the more dramatic announcements...more
We’re checking in with our Europe-based expert on the latest European updates and upcoming changes for the third quarter of 2021 including updates on Brexit, European Union (EU) data protection policies, block exemption...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
Organizations in the United States often ask us how to comply with GDPR. But starting with that question skips a key inquiry: the extent to which GDPR applies to a US company in the first place....more
On February 19, the European Commission (EC) published the draft of its much hoped-for adequacy decision for transfers of personal data to the UK under the EU General Data Protection Regulation (EU GDPR) (Draft Adequacy...more
The United Kingdom’s Information Commissioner’s Office (ICO) finalized a new Code of Practice (the Code) in September 2020, which applies to most companies that offer online services to or otherwise collect personal data from...more
The EU-UK Trade and Cooperation Agreement provided breathing room for businesses engaging in data transfers from the EU to the UK in the form of a ‘bridging period’ of up to six months where such transfers can continue...more
The UK left the EU on January 31, 2020. On Christmas Eve, the two parties signed a Trade and Cooperation Agreement. Under the Agreement, EU personal data can be processed in the UK for six months. The European Commission will...more
In September 2020, the UK government published its National Data Strategy (“NDS”), aiming to use data to boost the UK economy and to “unlock the power of data for the UK,” particularly in light of Brexit. The NDS is intended...more
The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed. Brexit Note: The GDPR will apply in...more
Everyone knows about the General Data Protection Regulation (GDPR). The GDPR is the EU’s new privacy regime in the region. Over a year has passed since its implementation and organizations are discovering how strict EU...more
Want a certificate for all your hard work on GDPR? Later this year, “certification” will come into effect as a way for both data controllers and processors subject to UK data protection laws to demonstrate compliance with...more
“The crucial, crucial change [GDPR] brought was around accountability. Accountability encapsulates everything the GDPR is about,” says UK Information Commissioner Elizabeth Denham. Denham said companies must understand the...more
The UK Information Commissioner’s Office (ICO) has issued a new guidance on the liabilities of Controllers and Processors, advising that the Controller is responsible for assessing that its Processor is competent to process...more
The UK's pending exit from the European Union on March 29, 2019, will have far-reaching effects on many business activities, including the processing of personal data. While the ultimate legal implications are subject to...more