We held our 5th Annual Privacy and Cybersecurity Roundtable on May 1, in Washington, D.C. The event featured the Chair of the European Data Protection Board Andrea Jelinek and FTC Commissioner Noah Phillips. Other government speakers represented the White House, UK’s Information Commissioner’s Office, and staff members from the U.S. Senate and House of Representatives. Other distinguished panelists included Cam Kerry of Brookings and Jane Horvath from Apple. The speakers addressed privacy and cybersecurity enforcement in the U.S. and EU, Brexit, Online Harms and the prospects for federal privacy legislation. The insightful program was followed by a competition between the sausage-making (and brewing) achievements of leading privacy jurisdictions such as Brussels, California, Washington, D.C. and China (representing a privacy continuum!). Sidley also commemorated “20 Years of CyberLaw at Sidley” – two decades since the founding of today’s Privacy and Cybersecurity practice. We look forward to continuing to thrive and serve our clients. We hope to see you at next year’s Privacy and Cybersecurity Roundtable.
The updated 2019 Chambers Global Practice Guide for Data Protection & Cybersecurity is available, covering important developments across the globe and bringing expert legal commentary for businesses particularly involved in the life sciences sector. Read More
Wednesday, March 27, 2019 | 4:00 p.m. EDT / 1:00 p.m. PDT
CLE & CPE Credit Offered
When the California Consumer Privacy Act enters into force on January 1, 2020, it will grant consumers extensive new data rights and place a number of new obligations on companies – obligations that in some ways even exceed those imposed by the European General Data Protection Regulation (GDPR). This means that just about every company doing business in California or with Californians will need to take steps to comply with the CCPA, regardless of their GDPR status. Please join us for a discussion that identifies the key questions and issues companies should be considering before the CCPA enters into force on January 1, 2020. We’ll talk through the steps companies should take now to meet these new obligations.
- Colleen Theresa Brown, Partner
- Christopher C. Fonzone, Partner
- Alan Charles Raul, Partner
- Kate Heinzelman, Counsel
- Sheri Porath Rockwell,Associate
On February 26, 2019, the Technology Policy Institute’s Two Think Minimum podcast featured Sidley Partner and founder of the Privacy and Cybersecurity practice, Alan Raul, alongside former FTC Acting Chairman and Commissioner of the FTC Maureen Ohlhausen. The topic of the day was the future of privacy legislation in 2019. Topics ranged from politics, U.S. State trends, activity in Europe, FTC enforcement powers and more.
The fifth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection and cybersecurity landscape in a time when mega breaches are becoming more common, significant new data protection legislation is coming into effect, and businesses are coming under increased scrutiny from regulators, Boards of Directors and their customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. (more…)
Former Department of Homeland Security Chief Privacy Officer Hugo Teufel III and Sidley’s Edward McNicholas addressed a packed room on Chinese Cybersecurity Law at the 2018 Privacy + Security Forum hosted at George Washington University. The timely presentation highlighted how, with significant attention in the past few years focused on the GDPR, many have not fully appreciated the significant policy and legal developments coming out of Beijing. In particular, China has been creating a materially different approach to cybersecurity which serves the central purpose of defending the Chinese notion of cyber sovereignty. Much uncertainty remains about the newly-effective laws and regulations, but it is clear that foreign technology and other companies operating in China should rapidly focus on its significant restrictions on outbound data transfer, the expansive definitions of “important data”, as well as reviews of network equipment security. Their presentation is available here.
Vishnu Shankar, an associate in our London office, spoke with DataGuidance at the 2018 IAPP Data Protection Intensive. He discussed his recommendations on regulatory requirements regarding breach notification across several key pieces of legislation, including the GDPR and the NIS Directive, as well as sector-specific requirements.
Sidley Partner William RM Long has been recognized by Best Lawyers 2019 for Privacy & Data Protection Law in London. William is global co-leader of Sidley’s Privacy and Cybersecurity practice and also leads the EU data protection practice at Sidley.
Recognition by Best Lawyers is based entirely on peer review. Best Lawyers’ methodology is designed to capture, as accurately as possible, the consensus opinion of leading lawyers about the professional abilities of their colleagues within the same geographical area and legal practice area.
Whether you are marking today with a glass of champagne, a shot of whiskey, or a hot cup of tea, today marks a significant day for privacy professionals world-wide.
Here’s to all of the privacy professionals who have put in so many hours to prepare for the GDPR, fully effective as of Friday May 25, 2018 at midnight in Brussels; that is 6 PM eastern on Thursday, May 24th for toasting purposes.
For business executives, policymakers, and consumers who have become aware of the GDPR in recent weeks and are interested in learning more, visit our GDPR resource page here.
The British Private Equity & Venture Capital Association has issued a Guide to GDPR for the Funds Industry focusing on practical guidance, including explanations of what the GDPR is and why it is relevant for the funds industry. Authors included Sidley lawyers William RM Long, Geraldine Scali, Vishnu Shankar, Francesca Blythe, Denise Kara and Eleanor Dodding.
The GDPR, or the General Data Protection Regulation, is a new EU data privacy law that comes into force on 25 May 2018. The GDPR is intended to provide a single harmonised data privacy law that applies across the EU and is appropriate for the use of Personal Data in the 21st century. The GDPR imposes many new data protection requirements on the collection, use and disclosure of Personal Data which will be relevant to firms and imposes significant fines of up to 4% of annual worldwide turnover.
The Guide describes how key parts of the GDPR will apply to firms and key obligations and issues for firms to consider in dealing with the GDPR. Read more.