On July 13, 2020, the Federal Trade Commission (“FTC”) hosted a virtual workshop on its proposed changes to the Standards for Safeguarding Customer Information (“Safeguards Rule”). The workshop followed up…
July was a busy month for data protection in the EU and UK. While the long-awaited Schrems II decision captured the most headlines, data protection authorities (“DPAs”) and Member State…
As covered in our previous blog post, the CJEU has invalidated the EU-U.S. Privacy Shield for cross-border transfers of personal data from the EU to the U.S. (the “Schrems II”…
The New York State Department of Financial Services (“DFS”) issued a Statement of Charges and Notice of Hearing (the “Charges”) earlier today against First American Title Insurance Company (“First American”) for…
Today the Court of Justice of the European Union (CJEU), the EU’s highest court, invalidated the EU-U.S. Privacy Shield for cross-border transfers of personal data. The CJEU’s decision also cast…
Ransomware attacks continue to plague businesses across the globe. As companies enhance their defenses, attackers increase the sophistication of their software and its deployment. Ransomware attacks used to be limited…
Today, Debevoise’s Data Strategy & Security practice (DSS) is launching a Data Blog to help clients identify and respond to emerging issues, and a Debevoise Data Portal to help clients facing a breach…
It looks like the California Attorney General’s implementing regulations for the California Consumer Privacy Act (“CCPA”) are, finally, final. On June 1, 2020, the California Attorney General submitted for publication…
On May 21, 2020, Avi Gesser and Luke Dembosky discussed the latest cybersecurity and privacy considerations for financial sponsors and PE-backed portfolio companies, including: The unique cybersecurity challenges facing PE…
Since the start of the COVID-19 epidemic, and following the lockdown measures put in place in affected countries, the use of new communications tools by companies and their employees is…