In a long-awaited final decision, the UK Information Commissioner’s Office (the “ICO”) has issued a fine of £20m to British Airways (“BA”) following a data breach that took place in…
Earlier this year, we shared a list of 13 technical and nontechnical measures companies can adopt to mitigate the risks of ransomware attacks. With ransomware and other malicious cyber-related attacks…
Reproduced with permission. Published Sept. 10, 2020. Copyright 2020 The Bureau of National Affairs, Inc. 800-372-1033. For further use, please visit http://www.bna.com/copyright-permission-request/ There’s been dramatic growth in the role lawyers…
We’ve noticed that people seemed more determined than usual this year to really unplug during their vacations. That was no doubt a healthy reaction to months of pandemic-related stress. For…
As we have discussed in recent webinars and blog posts, the New York Department of Financial Services has recently brought its first enforcement action under its cybersecurity rules (23 N.Y.C.R.R.…
On July 13, 2020, the Federal Trade Commission (“FTC”) hosted a virtual workshop on its proposed changes to the Standards for Safeguarding Customer Information (“Safeguards Rule”). The workshop followed up…
July was a busy month for data protection in the EU and UK. While the long-awaited Schrems II decision captured the most headlines, data protection authorities (“DPAs”) and Member State…
As covered in our previous blog post, the CJEU has invalidated the EU-U.S. Privacy Shield for cross-border transfers of personal data from the EU to the U.S. (the “Schrems II”…
The New York State Department of Financial Services (“DFS”) issued a Statement of Charges and Notice of Hearing (the “Charges”) earlier today against First American Title Insurance Company (“First American”) for…
Today the Court of Justice of the European Union (CJEU), the EU’s highest court, invalidated the EU-U.S. Privacy Shield for cross-border transfers of personal data. The CJEU’s decision also cast…