The Agency of Access to Public Information (Agencia de Acceso a la Información Pública) has approved a set of guidelines for Binding Corporate Rules as a mechanism that multinational companies may use to enable the international transfer of personal data to their affiliates located in countries whose protection of personal data has not been deemed adequate by the AAIP.
Continue Reading

At its October monthly meeting, the Federal Energy Regulatory Commission adopted new reliability standards addressing cybersecurity risks associated with the global supply chain for Bulk Electric System Cyber Systems. The new standards expand the scope of the mandatory and enforceable cybersecurity standards applicable to the electric utility sector.
Continue Reading

On July 31, 2018, the Supreme Court of Ireland granted Facebook, Inc.’s leave to appeal a lower court’s ruling sending a privacy case to the Court of Justice of the European Union. In granting Facebook leave to appeal, the Supreme Court noted that “[i]t is in the interest of justice” that the Court hear its arguments. The hearing will take place within the next five months.
Continue Reading

On July 17, 2018, the European Union and Japan successfully concluded negotiations on a reciprocal finding of an adequate level of data protection, thereby agreeing to recognize each other’s data protection systems as “equivalent.” This will allow personal data to flow safely between the EU and Japan, without being subject to any further safeguards or authorizations.
Continue Reading