Federal Trade Commission Hosts Panels Related to Consumer Privacy and Data Security at PrivacyCon
This summer, the Federal Trade Commission (“FTC”) hosted its sixth annual PrivacyCon, an event focused on the latest research and trends related to consumer privacy and data security. This years’ event was divided into six panels: Algorithms; Privacy Considerations and Understandings; Adtech; Internet of Things; Privacy-Children and Teens; and, … Read More
Sidley Privacy and Cybersecurity Roundtable
Please join Sidley’s Privacy and Cybersecurity Group for a two-part discussion with UK government officials with a focus on data transfer and innovation.
UK Data Protection and Data Transfers – New Directions
In this Chatham House discussion, our panelists will cover:
- Data Transfers to the U.S. and Developments on “Adequacy”
UK Government Publishes UK Approach to International Transfers, Including Data Adequacy
On August 26, 2021, the UK Government’s Department for Digital, Culture, Media and Sport (DCMS) published its mission statement setting out the UK approach to adequacy assessments and international data transfers, alongside a Manual Template and Manual Guidance for undertaking adequacy assessments and an infographic map illustrating ten priority countries … Read More
SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc
Through its announcement of settled charges against Pearson plc (Pearson) on August 16, 2021, the U.S. Securities and Exchange Commission signaled its continued, high level scrutiny of companies’ public statements related to data security incidents.1 Without admitting or denying the SEC’s findings, Pearson agreed to a cease and desist … Read More
Enhanced Focus on Digital Asset Intermediaries by SEC, Congress, and State Securities Regulators
Given the substantial growth in digital asset investments this year, intermediaries offering trading and lending services are now the target of regulatory and enforcement focus that we expect will continue in the coming months and years. Recent examples of this increased scrutiny of digital asset service providers and intermediaries include… Read More
European Commission Adopts UK Adequacy Decisions Allowing Personal Data to Freely Flow from the EU to the UK
On 28 June 2021, the European Commission announced that it has adopted two adequacy decisions for the UK, one under the General Data Protection Regulation (GDPR) and one under the Data Protection Directive with Respect to Law Enforcement (Law Enforcement Directive) (Adequacy Decisions). The … Read More
European Data Protection Board Issues Final Schrems II Recommendations
The European Data Protection Board (“EDPB”), adopted on 18 June 2021 its final recommendations describing how controllers and processors transferring personal data outside the European Economic Area (“EEA”) may comply with the Schrems II ruling (“Final Schrems II Recommendations”). The Final Schrems II Recommendations, … Read More
SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned
On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.1 Without admitting or denying the SEC’s findings, First American agreed to a cease-and-desist order and to … Read More
SCCs, Adequacy, and Guidance: Latest Updates on International Data Transfers
The next few weeks will likely be very busy for companies on the GDPR international data transfer front as there have been a number of key European developments over the last few days including:
Transferring EU Data To US After New Contractual Safeguards – A Proposal to Notify Intelligence Agencies of “US Person” Prohibition on Targeting SCC Transfers
This article was first published by Law360 on May 17, 2021.
In light of new standard contractual clauses, or SCCs, to be issued shortly by the European Commission, as well as imminent new guidance from the European Data Protection Board, companies transferring personal data to the U.S. should consider taking … Read More