On April 12, 2013, the Department of Commerce’s International Trade Administration issued a guidance document to clarify how the U.S.-European Union Safe Harbor Framework facilitates the transfer of personal data from the European Union to the United States in the cloud computing context. … Continue Reading
On March 8, 2013, the German government published a response to a formal inquiry from one of the German Parliament’s parties on the international security, data protection and surveillance implications of cloud computing.… Continue Reading
On February 7, 2013, the European Commission, together with the High Representative of the Union for Foreign Affairs and Security Policy, launched their cybersecurity strategy for the European Union, which included a draft directive on measures to ensure a common level of network and information security across the EU.… Continue Reading
Recently, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs released “Fighting cyber crime and protecting privacy in the cloud.” This blog post outlines some of the study’s key recommendations.… Continue Reading
On November 23, 2012, the German Federal Council published comments to the European Commission’s strategy on cloud computing, which it considers inadequate in dealing with several issues unique to cloud computing. … Continue Reading
On November 16, 2012, European Data Protection Supervisor Peter Hustinx published an Opinion addressing the European Commission’s September 2012 Communication on cloud computing.… Continue Reading
On November 22-23, 2012, SC Magazine will host a Virtual Summit titled “Tackling the Big 3: Clouds, Consumerisation, Cybercrime.” The Summit will feature Hunton & Williams London partner Bridget Treacy and others discussing cyberthreats expected to make headlines in 2013. This blog post includes a complimentary access code for readers to attend the Virtual Summit.… Continue Reading
On November 10, 2012, the Conference of the German Data Protection Commissioners’ working group on technical and organizational data protection matters published guidelines on data separation requirements for automated data processing on shared IT systems.… Continue Reading
On October 26, 2012, three resolutions were adopted by the closed session of the 34th International Conference of Data Protection and Privacy Commissioners. This blog post provides an overview of these resolutions and their potential impact.… Continue Reading
On September 27, 2012, the UK Information Commissioner’s Office (“ICO”) published guidance on complying with the requirements of the UK Data Protection Act 1998 (“DPA”) in the context of cloud computing services (the “Guidance”). In its Guidance, the ICO reminds data controllers that transferring personal data to the cloud does not absolve them of their … Continue Reading
On September 27, 2012, the European Commission presented “Unleashing the Potential of Cloud Computing in Europe,” a new strategy focusing on simplifying cloud computing standards and certification, developing new model contract terms for cloud computing services and the initiative for a European Cloud Partnership.… Continue Reading
Hunton & Williams partner Lisa Sotto, head of the Global Privacy and Data Security Practice, recently gave a presentation on global privacy law issues to the Western Independent Bankers Service Corporation. This blog post provides a link to the webcast.… Continue Reading
On July 10, 2012, the Federal Financial Institutions Examination Council released a statement on outsourced cloud computing activities, discussing key risk considerations associated with using third-party vendors to implement cloud computing solutions and identifying applicable risk mitigation considerations contained in the FFIEC IT Examination Handbook. … Continue Reading
On July 1, 2012, the Article 29 Working Party adopted an Opinion providing guidance on the risks associated with cloud computing and issuing recommendations to data controllers and data processors operating in the cloud environment.… Continue Reading
On April 24, 2012, the International Working Group on Data Protection in Telecommunications issued a Working Paper that provides best practices and guidance aimed at reducing the privacy and data security risks associated with cloud computing.… Continue Reading
On April 27, 2012, the Centre for Information Policy Leadership at Hunton & Williams LLP submitted comments to the latest Singapore consultation on proposed personal data protection legislation. The Centre’s comments focus on how consent is addressed in the legislation and on assuring that the law applies only to Singapore data.… Continue Reading
The CNIL announced that it will conduct 450 on-site inspections in 2012, focusing on issues such as smart phone technology, health data security, data breaches, police records and day-to-day personal information collection by large entities such as utilities.… Continue Reading
On March 8, 2012, the German Federal Office for Information Security accepted the German Insurance Association’s application for certification of the “Trusted German Insurance Cloud,” a project that aims to establish a secure IT platform for the German insurance industry.… Continue Reading
A growing number of companies are implementing cloud computing solutions to lower IT costs and increase efficiency. Although cloud technology offers an array of advantages, organizations that rely on the cloud must compensate for the corresponding increase in risk associated with outsourcing business operations to a third party.… Continue Reading
On December 21, 2011, Mexico issued the final version of its Regulations of the Federal Law for the Protection of Personal Data Held by Private Parties.… Continue Reading
On November 29, 2011, at the IAPP Europe Data Protection Congress, EU Commissioner Viviane Reding provided insight into some of the details of the proposals for the revised EU data protection framework. She focused on promoting Binding Corporate Rules as a solution for safeguarding international flows of data.… Continue Reading
On October 17, 2011, the CNIL launched a public consultation on cloud computing, seeking stakeholders’ opinions on legal and technical solutions to address data security concerns affecting cloud computing services for businesses.… Continue Reading
On September 29, 2011, following the 82nd annual conference of German federal and state data protection authorities, the German DPAs issued a resolution on cloud computing and compliance with data protection law. … Continue Reading
