Risk-Based Approach

Subscribe to Risk-Based Approach

In connection with its hearings on data security, the Federal Trade Commission hosted a December 12 panel discussion on “The U.S. Approach to Consumer Data Security,” which featured private practitioner Lisa Sotto from Hunton Andrews Kurth.
Continue Reading Lisa Sotto, Head of Hunton’s Privacy and Cybersecurity Practice, Kicks Off FTC Data Security Panel

Recently, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP submitted formal comments to the U.S. Department of Commerce’s National Telecommunications and Information Administration in response to its request for public comments on developing the administration’s approach to consumer privacy.
Continue Reading CIPL Responds to NTIA Request for Comment on Developing the Administration’s Approach to Consumer Privacy

On March 20, 2018, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP issued a factsheet outlining relevant GDPR provisions for negotiations surrounding the proposed ePrivacy Regulation.
Continue Reading CIPL Issues Factsheet on Key Issues Relating to the Relationship Between the Proposed ePrivacy Regulation and the GDPR

Recently, the National Information Security Standardization Technical Committee of China published draft guidelines on cross-border transfers pursuant to the new Cybersecurity Law, entitled Information Security Technology – Guidelines for Data Cross-Border Transfer Security Assessment. Once finalized, the Guidelines are intended to establish norms regarding security assessments conducted in the context of cross-border data transfers.
Continue Reading China Releases Draft Guidelines on Cross-Border Data Transfers Pursuant to the Cybersecurity Law

On December 21, 2016, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a white paper on Risk, High Risk, Risk Assessments and Data Protection Impact Assessments under the GDPR. The White Paper sets forth guidance and recommendations concerning the interpretation and implementation of the GDPR’s provisions relating to risk and risk assessment.
Continue Reading CIPL Issues White Paper on High Risk and DPIAs under the GDPR

On October 20, 2016, the Centre for Information Policy Leadership hosted a side workshop at the International Conference of Data Protection & Privacy Commissioners focused on transparency and risk assessment, entitled “The Role of Risk Assessment and Transparency in Enabling Organizational Accountability in the Digital Economy.”
Continue Reading CIPL Hosts Workshop on Transparency and Risk Assessment

Last month, the Centre for Information Policy Leadership held its second GDPR Workshop in Paris as part of its two-year GDPR Implementation Project. The purpose of the project is to provide a forum for stakeholders to promote EU-wide consistency in implementing the GDPR, encourage forward-thinking and future-proof interpretations of key GDPR provisions, develop and share relevant best practices, and foster a culture of trust and collaboration between regulators and industry.
Continue Reading CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Recently, the National Privacy Commission of the Philippines published the final text of its Implementing Rules and Regulations of Republic Act No. 10173, known as the Data Privacy Act of 2012. The IRR has a promulgation date of August 24, 2016, and went into effect 15 days after the publication in the official Gazette.
Continue Reading Final Rules for the Data Privacy Act Published in the Philippines

In late October, the Brazilian Ministry of Justice (the “Ministry”) issued its revised Draft Bill for the Protection of Personal Data (“Draft Bill”). The Ministry released its preliminary draft in January 2015, and the Centre for Information Policy Leadership at Hunton & Williams LLP (“CIPL”) filed public comments to the draft on May 5, 2015.

Continue Reading Brazil Releases Revised Draft Privacy Bill