On August 27, 2021, the Swiss Federal Data Protection and Information Commissioner (FDPIC) formally recognized the new EU Standard Contractual Clauses published by the European Commission on June 4, 2021 (New SCCs). The New SCCs are intended to legitimize transfers of personal data from Switzerland to countries not deemed by the FDPIC as providing an adequate level of protection for personal data (cf. official statement) — thereby completing its guidance on international data transfers published on June 18, 2021. The aim of these documents is to reduce uncertainties in a post-Schrems II era and to help companies ensure the ongoing lawful transfer of personal data.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00William RM Longhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngWilliam RM Long2021-09-27 19:08:412023-09-07 12:34:58Switzerland Recognizes New EU Standard Contractual Clauses and Issues Guidance on International Data Transfers
On September 21, 2021, the U.S. Department of the Treasury (Treasury) Office of Foreign Asset Control (OFAC) imposed sanctions on a virtual currency exchange called Suex OTC, S.R.O. (Suex), and published an updated advisory on potential risks for those who facilitate ransomware payments. These coordinated actions represent significant moves by OFAC to target key aspects of the global ransomware ecosystem and to advance the U.S. government’s broader counter-ransomware strategy. By recommending strengthened cybersecurity measures and emphasizing reporting to law enforcement, OFAC’s updated advisory also reflects increasingly tighter collaboration among federal government agencies in their fight against the ransomware threat.
On August 20, 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL), which will become effective starting November 1, 2021. As an overarching law in China with respect to data privacy, PIPL shares many similarities with the EU General Data Protection Regulation (GDPR). If a company has already been GDPR compliant, its data privacy compliance system can basically work in China, while certain localizations are necessary in response to unique requirements under PIPL. In particular, a company should pay attention to the following differences between PIPL and GDPR:
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Jing Luhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngJing Lu2021-09-23 09:27:022023-09-07 12:35:50Get Prepared for Data Privacy Compliance Under China PIPL
In his statement to the House of Lords on September 16, Lord Frost announced that “we will use the provisions of the Medicines and Medical Devices Act 2021 to overhaul our clinical trial frameworks, based on outdated EU legislation, giving a major boost to the UK’s world-class R&D sector and getting patients access to new lifesaving medicines more quickly. The MHRA which is a world class regulator as we know, is already reforming the medical devices regulations to create a world-leading regime in this area.” This provided a timely back-drop to the MHRA’s new publications on medical device software, and part of a broader agenda for regulatory change in the UK.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Maria Isabel Manleyhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngMaria Isabel Manley2021-09-22 11:36:072023-09-07 12:38:37Digital Health in the UK: MHRA Bold New (Regulatory) World?
Please join us for a program focused on the latest 2021 FinTech and blockchain developments. Sidley lawyers in the banking, white collar, and FinTech groups will discuss the key regulatory and enforcement issues related to enhanced focus by the DOJ, SEC, CFTC, FinCEN, CFPB, OCC, and Federal Reserve on FinTech, blockchain, and cryptocurrencies from both the criminal and civil enforcement perspectives.
The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. As a result of the continuing COVID-19 pandemic, the NAIC met in a hybrid format with attendees participating both in person and virtually. This post summarizes the highlights from this meeting in addition to interim meetings that were held during July in lieu of taking place during the Summer Meeting. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. 71, and an amendment to the purposes and procedures manual to add instructions for review of funds.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Andrew R. Hollandhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngAndrew R. Holland2021-09-20 12:35:172023-09-07 12:40:14Regulatory Update: NAIC Summer 2021 National Meeting
Please join Sidley’s Privacy and Cybersecurity Group for a two-part discussion with UK government officials with a focus on data transfer and innovation.
UK Data Protection and Data Transfers – New Directions
In this Chatham House discussion, our panelists will cover:
Data Transfers to the U.S. and Developments on “Adequacy”
As from September 9, 2021, Regulation (EU) 2021/821 (EU Dual-Use Regulation Recast) replaces the existing Council Regulation (EC) 428/2009 setting up the European Union (EU) regime for the control of exports, transfer, brokering, and transit of “dual-use” items (EU Dual-Use Regulation). Dual-use items are sensitive goods, services, software, and technology that can be used for both civil and military purposes.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sven De Knophttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSven De Knop2021-09-09 12:41:452023-09-07 12:41:21New European Union Dual-Use Regulation Enters Into Force
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok
Switzerland Recognizes New EU Standard Contractual Clauses and Issues Guidance on International Data Transfers
On August 27, 2021, the Swiss Federal Data Protection and Information Commissioner (FDPIC) formally recognized the new EU Standard Contractual Clauses published by the European Commission on June 4, 2021 (New SCCs). The New SCCs are intended to legitimize transfers of personal data from Switzerland to countries not deemed by the FDPIC as providing an adequate level of protection for personal data (cf. official statement) — thereby completing its guidance on international data transfers published on June 18, 2021. The aim of these documents is to reduce uncertainties in a post-Schrems II era and to help companies ensure the ongoing lawful transfer of personal data.
(more…)
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Sabrine Schnyder
Five Key Considerations Regarding New U.S. Sanctions to Address Ransomware Threats
On September 21, 2021, the U.S. Department of the Treasury (Treasury) Office of Foreign Asset Control (OFAC) imposed sanctions on a virtual currency exchange called Suex OTC, S.R.O. (Suex), and published an updated advisory on potential risks for those who facilitate ransomware payments. These coordinated actions represent significant moves by OFAC to target key aspects of the global ransomware ecosystem and to advance the U.S. government’s broader counter-ransomware strategy. By recommending strengthened cybersecurity measures and emphasizing reporting to law enforcement, OFAC’s updated advisory also reflects increasingly tighter collaboration among federal government agencies in their fight against the ransomware threat.
(more…)
Sheila A.G. Armbrust
San Francisco
sarmbrust@sidley.com
Sujit Raman
Barbara Broussard
Andrew W. Shoyer
Washington, D.C.
ashoyer@sidley.com
Michael R. Roberts
Get Prepared for Data Privacy Compliance Under China PIPL
On August 20, 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL), which will become effective starting November 1, 2021. As an overarching law in China with respect to data privacy, PIPL shares many similarities with the EU General Data Protection Regulation (GDPR). If a company has already been GDPR compliant, its data privacy compliance system can basically work in China, while certain localizations are necessary in response to unique requirements under PIPL. In particular, a company should pay attention to the following differences between PIPL and GDPR:
(more…)
Jing Lu
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
Digital Health in the UK: MHRA Bold New (Regulatory) World?
In his statement to the House of Lords on September 16, Lord Frost announced that “we will use the provisions of the Medicines and Medical Devices Act 2021 to overhaul our clinical trial frameworks, based on outdated EU legislation, giving a major boost to the UK’s world-class R&D sector and getting patients access to new lifesaving medicines more quickly. The MHRA which is a world class regulator as we know, is already reforming the medical devices regulations to create a world-leading regime in this area.” This provided a timely back-drop to the MHRA’s new publications on medical device software, and part of a broader agenda for regulatory change in the UK.
(more…)
Maria Isabel Manley
London
mmanley@sidley.com
Zina Chatzidimitriadou
London
zchatzidimitriadou@sidley.com
Fintech and Blockchain 2021
Please join us for a program focused on the latest 2021 FinTech and blockchain developments. Sidley lawyers in the banking, white collar, and FinTech groups will discuss the key regulatory and enforcement issues related to enhanced focus by the DOJ, SEC, CFTC, FinCEN, CFPB, OCC, and Federal Reserve on FinTech, blockchain, and cryptocurrencies from both the criminal and civil enforcement perspectives.
(more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
Regulatory Update: NAIC Summer 2021 National Meeting
The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. As a result of the continuing COVID-19 pandemic, the NAIC met in a hybrid format with attendees participating both in person and virtually. This post summarizes the highlights from this meeting in addition to interim meetings that were held during July in lieu of taking place during the Summer Meeting. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. 71, and an amendment to the purposes and procedures manual to add instructions for review of funds.
(more…)
Andrew R. Holland
New York
aholland@sidley.com
Ellen M. Dunn
New York
edunn@sidley.com
Michael L. Rosenfield
Los Angeles
mrosenfield@sidley.com
Stephanie H. Dobecki
Chicago
sdobecki@sidley.com
Sara N. Africano
Chicago
safricano@sidley.com
Chris H. Burusco
Los Angeles
cburusco@sidley.com
Sidley Privacy and Cybersecurity Roundtable
Please join Sidley’s Privacy and Cybersecurity Group for a two-part discussion with UK government officials with a focus on data transfer and innovation.
UK Data Protection and Data Transfers – New Directions
In this Chatham House discussion, our panelists will cover:
(more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
New European Union Dual-Use Regulation Enters Into Force
As from September 9, 2021, Regulation (EU) 2021/821 (EU Dual-Use Regulation Recast) replaces the existing Council Regulation (EC) 428/2009 setting up the European Union (EU) regime for the control of exports, transfer, brokering, and transit of “dual-use” items (EU Dual-Use Regulation). Dual-use items are sensitive goods, services, software, and technology that can be used for both civil and military purposes.
(more…)
Sven De Knop
Brussels
sdeknop@sidley.com
Justine Fassion
Brussels
justine.fassion@sidley.com
Alessandra Moroni
Brussels
amoroni@sidley.com
Upcoming Events
Webinar: AI and The Aviation Industry
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
John M. Casanova
jcasanova@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Robert D. Keeling
rkeeling@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Glenn G. Nash
gnash@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com