The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation

Articles By Topic

By Topic: Safe Harbor

  • From Vol. 2 No.4 (Feb. 17, 2016)

    Deal Struck to Maintain the Transatlantic Data Flow 

    Two days after the expiration of a deadline set by Europe’s data protection authorities, and after months of negotiations, the European Commission and U.S. Department of Commerce reached an understanding that intends to allow transatlantic transfer of digital data by thousands of companies to continue. With data flows impacting billions of dollars in bilateral trade at stake, the so-called “privacy shield” agreement “makes existing cooperation between the FTC and E.U. DPAs [data protection authorities] more robust, with better enforcement mechanisms and means of redress for E.U. citizens whose privacy rights may have been infringed by E.U.-U.S. cross border transfers,” Davina Garrod, a London-based Akin Gump partner told The Cybersecurity Law Report. However, she added that “the shield is by no means a panacea, and does not fix all of the problems identified by the [E.U. Court of Justice] in the Schrems judgment” that invalidated the previous safe harbor data transfer pact. We discuss the agreement, the important steps that remain before the privacy shield can be finalized, and the immediate impact on companies. See also “Dangerous Harbor: Analyzing the European Court of Justice Ruling” (Oct. 14, 2015).

    Read Full Article …
  • From Vol. 2 No.3 (Feb. 3, 2016)

    Safe Harbor 2.0 Agreement Reached

    The European Commission has announced a new agreement with the U.S. for the transfer of data to replace the invalidated Safe Harbor pact. “For the first time ever, the United States has given the E.U. binding assurances that the access of public authorities for national security purposes will be subject to clear limitations, safeguards, and oversight mechanisms,” E.U. Commissioner for Justice Věra Jourová said in press release. We share an article from our sister publication, Policy and Regulatory Report (PaRR).

    Read Full Article …
  • From Vol. 1 No.11 (Aug. 26, 2015)

    Seeking Solutions to Cross-Border Data Realities

    Transnational companies face complex challenges arising from their operations across jurisdictions, ranging from payroll logistics to responding to foreign governments’ evidentiary requests for digital data stored throughout the world.  In this interview with The Cybersecurity Law Report, Bryan Cunningham, a partner at Cunningham Levy, and Paul Rosenzweig, a partner at Red Branch Consulting, both senior advisors to The Chertoff Group, discuss myriad issues in transferring digital data across nations that have different privacy regimes, potential solutions, and their take on pending cases that could change how companies handle data.  See also “ECJ Hearing on Safe Harbor Challenges How U.S. Companies Handle European Data,” The Cybersecurity Law Report, Vol. 1, No. 1 (Apr. 8, 2015).

    Read Full Article …
  • From Vol. 1 No.11 (Aug. 26, 2015)

    Ropes & Gray Bolsters Privacy & Data Security Practice in Boston and London

    Ropes & Gray recently announced that Heather Egan Sussman and Rohan Massey have joined as partners in the firm’s privacy & data security practice.  Sussman joins in Boston, and Massey joins in London.  Sussman and Massey previously served as leaders of privacy & data security and technology practices at McDermott Will & Emery and, together with Doug Meal, will lead the privacy & data security practice at Ropes & Gray.  

    Read Full Article …
  • From Vol. 1 No.7 (Jul. 1, 2015)

    SEC Commissioner Says Public-Private Partnership Is Key to Effective Cybersecurity

    In a speech at this year’s SINET Innovation Summit, SEC Commissioner Luis Aguilar emphasized the “scope and urgency” of cybersecurity threats and the ineffectiveness of many network security programs, citing a multitude of studies.  He also called for more formalized information-sharing between private sector companies and the government.  See also “In a Candid Conversation, FBI Director James Comey Talks About the ‘Evil Layer Cake’ of Cybersecurity Threats,” The Cybersecurity Law Report, Vol. 1, No. 5 (Jun. 3, 2015).

    Read Full Article …
  • From Vol. 1 No.1 (Apr. 8, 2015)

    ECJ Hearing on Safe Harbor Challenges How U.S. Companies Handle European Data

    Can U.S. companies continue to rely on the Safe Harbor program that permits them to transmit and store data originating in the EU despite the EU’s stricter privacy laws?  The European Court of Justice is now considering how and where U.S. companies are permitted to handle EU data.  The court heard arguments in Luxembourg on March 24, 2015 related to Austrian Facebook user Maximilian Schrems’ challenge to the 15 year-old Safe Harbor structure.  Clara Rosales Rosado of Policy and Regulatory Report (PaRR), a sister publication of The Cybersecurity Law Report, talked to Schrems about the case and his strategy and reported on the hearing.

    Read Full Article …