October was a particularly busy month, with headline-grabbing stories such as the long-awaited finalisation of the fines against British Airways and Marriott, which may well be the last penalties the…
In a long-awaited final decision, the UK Information Commissioner’s Office (the “ICO”) has issued a fine of £20m to British Airways (“BA”) following a data breach that took place in…
Throughout September, companies, regulators and policymakers have continued to respond to the fallout from Schrems II. Since our last update we have also seen the second largest fine to date…
August proved to be another busy month for data protection developments in Europe, fuelled in part by the aftermath of the Court of Justice of the European Union’s (“CJEU”) decision…
We’ve noticed that people seemed more determined than usual this year to really unplug during their vacations. That was no doubt a healthy reaction to months of pandemic-related stress. For…
July was a busy month for data protection in the EU and UK. While the long-awaited Schrems II decision captured the most headlines, data protection authorities (“DPAs”) and Member State…
As covered in our previous blog post, the CJEU has invalidated the EU-U.S. Privacy Shield for cross-border transfers of personal data from the EU to the U.S. (the “Schrems II”…
Today the Court of Justice of the European Union (CJEU), the EU’s highest court, invalidated the EU-U.S. Privacy Shield for cross-border transfers of personal data. The CJEU’s decision also cast…
Ransomware attacks continue to plague businesses across the globe. As companies enhance their defenses, attackers increase the sophistication of their software and its deployment. Ransomware attacks used to be limited…
Introduction Much has been written recently on the increased cybersecurity and privacy risks that companies are facing. One of the most effective ways for organizations to mitigate those risks is…