On August 18, 2017, the FTC published the fifth blog post in its "Stick with Security" series, which outlines steps businesses can take to secure sensitive data, including when it is in transit. … Continue Reading
On August 9, 2017, the Russian privacy regulator expanded its list of nations that provide sufficient privacy protections to allow transfers of personal data from Russia.… Continue Reading
On August 7, 2017, the UK Government’s Department for Culture, Media and Sport published a Statement of Intent setting out the planned reforms to be included in the forthcoming Data Protection Bill, which we previously reported is expected to be laid before the UK Parliament in early September.… Continue Reading
Recently, the European Union Committee of the UK’s House of Lords published its paper, Brexit: the EU data protection package. The Paper urges the UK government to make good on its stated aim of maintaining unhindered and uninterrupted data flows between the UK and EU after Brexit, and examines the options available to ensure that this occurs. … Continue Reading
On July 27, 2017, Singapore submitted its notice of intent to join the APEC Cross-Border Privacy Rules system and the APEC Privacy Recognition for Processors System. Singapore would be the sixth member of the CBPR system, joining Canada, Japan, Mexico, the United States and the newest member, South Korea. … Continue Reading
On July 26, 2017, the Court of Justice of the European Union declared that the envisaged EU-Canada agreement on the transfer of passenger name records interferes with the fundamental right to respect for private life and the right to the protection of personal data and is therefore incompatible with EU law in its current form.… Continue Reading
The Article 29 Working Party issued an Opinion on data processing at work, which complements the Working Party's previous guidance on the processing of personal data in the employment context and on the surveillance of electronic communications in the workplace. This blog entry provides highlights on the Opinion.… Continue Reading
As companies in the EU and the U.S. prepare for the application of the EU General Data Protection Regulation in May 2018, Hunton & Williams’ Global Privacy and Cybersecurity partner Aaron Simpson discusses the key, significant changes from the EU Directive that companies must comply with before next year. This blog entry contains a link to the full 30-minute webinar. … Continue Reading
On Monday, June 12, 2017, South Korea's Ministry of the Interior and the Korea Communications Commission announced that South Korea has secured approval to participate in the APEC Cross-Border Privacy Rules system.… Continue Reading
Recently, the National Information Security Standardization Technical Committee of China published draft guidelines on cross-border transfers pursuant to the new Cybersecurity Law, entitled Information Security Technology – Guidelines for Data Cross-Border Transfer Security Assessment. Once finalized, the Guidelines are intended to establish norms regarding security assessments conducted in the context of cross-border data transfers. … Continue Reading
On June 2, 2017, in preparation for the first annual review of the EU-U.S. Privacy Shield framework, the European Commission has sent questionnaires to trade associations and other groups to seek information from their Privacy Shield-certified members on the experiences of such organizations during the first year of the Privacy Shield.… Continue Reading
On June 1, 2017, the new Cybersecurity Law went into effect in China. This post takes stock of (1) which measures have been passed so far, (2) which ones go into effect on June 1 and (3) which ones are in progress but have yet to be promulgated.… Continue Reading
On May 19, 2017, the Cyberspace Administration of China issued a revised draft of its Measures for the Security Assessment of Outbound Transmission of Personal Information and Critical Data. This blog entry provides highlights on the revised draft.… Continue Reading
On April 12, 2017, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a discussion paper on Certifications, Seals and Marks under the GDPR and Their Roles as Accountability Tools and Cross-Border Data Transfer Mechanisms which sets forth recommendations concerning the implementation of the EU GDPR’s provisions on the development and use of certification mechanisms.… Continue Reading
On April 11, 2017, the Cyberspace Administration of China published a draft of its proposed Measures for the Security Assessment of Outbound Transmission of Personal Information and Critical Data. The Draft provides further guidance on how security assessments might be carried out.… Continue Reading
On March 21, 2017, Hunton & Williams will host an in-person seminar in its London office featuring seasoned cybersecurity practitioners. This blog entry provides more information on the event.… Continue Reading
Hunton & Williams LLP, in coordination with the U.S. Chamber of Commerce, recently issued a report that provides a series of recommendations to enhance the effectiveness of data privacy regulators. … Continue Reading
On February 22, 2017, the Federal Trade Commission announced that it had reached settlement agreements with three U.S. companies charged with deceiving consumers about their participation in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules system.… Continue Reading
On February 20, 2017, the Article 29 Working Party issued a template complaint form and Rules of Procedure that clarify the role of the EU Data Protection Authorities in resolving EU-U.S. Privacy Shield-related complaints.… Continue Reading
Pablo Palazzi, from Buenos Aires law firm Allende & Brea, reports that earlier this month, the Argentine Data Protection Agency posted the first draft of a new data protection bill on its website. The Draft Bill is heavily based on the EU GDPR and maintains the structure of Argentina’s current data protection bill.… Continue Reading
On February 1, 2017, Matt Hancock, the UK Government Minister responsible for data protection, was questioned by the House of Lords committee on the UK’s implementation plan of the EU General Data Protection Regulation in the context of Brexit. In responding to the questioning, Hancock revealed further details into the UK Government’s position on implementing the GDPR into UK law.… Continue Reading
On February 2, 2017, the UK government published a white paper entitled The United Kingdom’s exit from and new partnership with the European Union, which makes clear that the UK intends to maintain close ties with the European Union and its 27 remaining Member States after Brexit. … Continue Reading
On January 25, 2017, President Trump issued an Executive Order entitled "Enhancing Public Safety in the Interior of the United States." This blog entry provides highlights on the Executive Order.… Continue Reading
On January 17, 2017, the International Trade Administration announced that South Korea formally submitted its intent to join the APEC Cross-Border Privacy Rules system. South Korea would be the fifth APEC economy to join the system, joining the United States, Mexico, Canada and Japan. … Continue Reading
