Category Archives: United States

In what's turned out to be a great week for US privacy developments, hot on the heels of the Privacy Shield announcement,  yesterday, 14 July,  the 2nd US Circuit Court of Appeals gave its anxiously awaited judgment in the Microsoft search warrant saga. The case centred on a warrant in a US narcotics case requiring Microsoft to hand over emails that were stored on a Microsoft server in Dublin. After Microsoft  refused, a District Court in Manhattan held in 2014 that Microsoft was compelled to hand the emails over. Microsoft appealed. At stake of course was not just some emails, but fundamental questions concerning the extent to which one country can extend its long arm of the law into another jurisdiction and the individual's rights to privacy and protection under their own domestic laws. No wonder then that this case quickly became a cause celebre  not only for privacy … Continue Reading ››
Today marks exactly two years until the introduction of major changes in EU data protection, including mandatory data breach reporting, when the General Data Protection Regulation takes direct effect. Olswang will be hosting a number of webinars in the count down to 25 May 2018, and what better way to start your business's preparations than by joining Olswang's webinar on how to manage data security breaches. 'Lessons from the US and impending change in Europe: what you need to know about managing data security breaches' held in conjunction with Epiq and Brit Global Specialty. Our webinar will cover important updates on the following:
  • US trends and developments in managing data security breaches – Brookes Taney, Vice President of Breach Solutions, Epiq
  • UK trends and developments in data litigation – Dan Tench, Partner, Olswang
  • What will the new GDPR European regime mean for companies both within and outside Europe? – Elle Todd, Partner, Olswang
  • The role of … Continue Reading ››
The likely demise of the US Safe Harbor is dominating the data news headlines - but what else is happening in the world of data and cyber regulation? Datonomy provides a round up of other recent developments in Europe and Asia. With contributions from Andreas Splittgerber and Christian Leuthner in Germany, Sofia Fontanals in Spain and Matthew Hunter, Daniel Jung and Aisling O’Dwyer in Asia, in this update we cover:
  • EU policy and regulation including latest news from Brussels on the GDPR and NISD
  • News from the UK
  • News from Germany
  • News from Spain
  • News from Asia
EU POLICY AND REGULATION
  • GDPR and NISD: Commission President Junker has yet again affirmed the “swift adoption” of the GDPR and NISD as priorities in this open letter of 9 September to the European Parliament. Below we take a more detailed look at the recent procedural progress of these two (not-so-swift) proposals.
On 13 February 2015, President Obama signed an Executive Order strongly promoting (but not compelling) the sharing of cybersecurity information between all types of private and public entities. This approach reflects the belief that the rapid dissemination of accurate intelligence regarding cyber threats will be the best way to cultivate cybersecurity.  Central to this US strategy is the encouragement of private participation, and organisations will have the opportunity to have a say on both the new standards and the standard-setting organization established by Executive Order. The Order builds upon the previous cybersecurity groundwork laid by President Obama’s Executive Order of 12 February 2013 (Improving Critical Infrastructure Cybersecurity) and the key information sharing legislation passed in December 2014: The National Cybersecurity Protection Act 2014 and The Cybersecurity Enhancement Act 2014. In order to facilitate improved cybersecurity, the Order calls for the creation of, and participation in, ISAOs (information sharing and analysis … Continue Reading ››
With cyber attacks now routinely in the headlines, with the global cost of cybercrime estimated at $400 billion for this year and with governments responding with a host of counter-measures, The Datonomy team  is launching a weekly round-up to help you stay up to date the latest legal, regulatory and news developments from around the world. Given the inextricable link between data privacy and cybersecurity, we hope that Datonomy’s growing readership  will find this update useful. We look forward to hearing your comments, and welcome news and updates from Datonomy readers  around the globe. UK developments
  • Cyber security was again front page news last week with the announcement by the UK and US that they will stage cyber attack war games, initially in the financial services sector, and improve the exchange of cyber intelligence between the two powers – read the BBC’s coverage here. In related news, twelve UK cyber … Continue Reading ››
Datonomy considers the Germany authorities’ reaction to the PRISM affair, and the wider practical consequences this could have for international transfers being made under the auspices of U.S. Safe Harbor and model contracts. After the reports about extensive surveillance activities by foreign and European intelligence services, especially by the American National Security Agency (NSA) and the UK Government Communications Headquarters (GCHQ) and possible transfers of personal data to them by American companies, European data protection authorities are raising their voices. In a letter dated 13 August 2013, the chairman of the Article 29 Working Party expressed his deep concern to the Vice-President of the European Commission, Viviane Reding, urging her to seek for more clarification from the U.S. as well as announcing the intention of the European data protection authorities to conduct own investigations regarding the compliance of foreign and European intelligence programs with EU data protection principles. Concrete actions have … Continue Reading ››
In a month that has seen US politicians claim that is "losing the war" against international cyber attacks, and yet more household names report hacks on their systems, Datonomy has been looking at the practical obligations that the EU's proposed new Directive on Network and Information Security could bring for businesses, and considering similar measures which are coming into force in Asia. As if the escalating levels of threat are not enough (take your pick of this month's news coverage – how about the "Eight billion hacking attacks a day" headline from ITV here )  governments around the globe are proposing new legal obligations and sanctions to compel organisations to get their cyber defences in order and notify the authorities when their systems have been compromised. The EU officially unveiled its cyber strategy and Directive on Network and Information Security at the start of the month. This … Continue Reading ››