The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation

Articles By Topic

By Topic: Privacy Shield

  • From Vol. 2 No.22 (Nov. 2, 2016)

    Navigating the Early Months of Privacy Shield Certification Amidst Uncertainty

    Over two hundred companies have become Privacy Shield-certified and hundreds more have begun the process. Others are taking their time and weighing their options, particularly because a challenge to the Privacy Shield has already been filed in Europe. “This is a serious privacy program . . . that we intend to have implemented and administered in a way that maintains the confidence of data protection authorities and stakeholders in Europe,” Ted Dean, Assistant Secretary for Services at the Department of Commerce said. During a recent webinar hosted by Data Guidance, Dean and attorneys at Sidley Austin discussed how to approach the self-certification process and whether this mechanism for transatlantic data transfer is the right choice for all companies. For more on the Privacy Shield’s specific requirements, see “Key Requirements of the Newly Approved Privacy Shield” (Jul. 20, 2016).

    Read Full Article …
  • From Vol. 2 No.15 (Jul. 20, 2016)

    Key Requirements of the Newly Approved Privacy Shield

    The European Union formally adopted the long-awaited Privacy Shield last week, which replaces the Safe Harbor framework as a mechanism to comply with E.U. data protection requirements for the E.U.-U.S. transfer of personal data. Companies can begin to self-certify compliance with the framework on August 1, 2016. “Companies cannot take the Privacy Shield lightly. It’s a much more detailed framework with more accountability” than Safe Harbor, Sidley Austin senior counsel Cam Kerry told The Cybersecurity Law Report. We review the Privacy Shield’s background, its key requirements and examine whether, when and how to join. See also “Deal Struck to Maintain the Transatlantic Data Flow” (Feb. 17, 2016).

    Read Full Article …
  • From Vol. 2 No.15 (Jul. 20, 2016)

    Challenges Facing Chief Privacy Officers

    Constantly evolving data privacy laws and heightened cyber threats place a large burden on the shoulders of chief privacy officers (CPOs). At a recent PLI panel, Keith Enright, the legal director of privacy at Google; Lauren Shy, the CPO of Pepsico; and Zoe Strickland, the global CPO at JP Morgan Chase, shared their thoughts on some of the recent challenges facing CPOs, including how to work with different departments, the CPO’s role in incident prevention and response, and the pros and cons of different cross-border data transfer mechanisms. The panel was moderated by Lisa J. Sotto, a partner at Hunton & Williams. See also “Establishing Strong Cybersecurity and Data Privacy Leadership: The Roles of the Chief Information Security Officer and Chief Privacy Officer” Part One (May 6, 2015); Part Two (May 20, 2015).

    Read Full Article …