On October 1, 2021, Connecticut’s two new data security laws went into effect. The new laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program.
Continue Reading UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect
Safe Harbor
New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021
Connecticut recently passed two cybersecurity laws that will become effective on October 1, 2021. The newly passed laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program that complies with applicable state or federal law or industry-recognized security frameworks.
Continue Reading New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021
Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision
The U.S. Department of Commerce has issued two new sets of FAQs in light of the CJEU’s recent decision to invalidate the EU-U.S. Privacy Shield in Schrems II. …
Continue Reading Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision
BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid
On July 16, 2020, the Court of Justice of the European Union issued its landmark judgment in the Schrems II case, concluding that the Standard Contractual Clauses issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.
Continue Reading BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid
Webinar on Schrems II: The Practical Implications for Businesses
In one of the most important cases on global data transfers, the Court of Justice of the European Union (“CJEU”) will rule on the validity of the Standard Contractual Clauses (“SCCs”) in the Schrems II case (case C-311/18) on July 16, 2020. Invalidation of the SCCs would leave businesses scrambling to find an alternative data transfer mechanism. But there may be significant practical challenges for businesses even if the SCCs survive.
…
Continue Reading Webinar on Schrems II: The Practical Implications for Businesses
CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020
In a case that has garnered widespread interest, the Court of Justice of the European Union will deliver its judgement in the Schrems II case (case C-311/18) on July 16, 2020, determining the validity of the controller-to-processor Standard Contractual Clauses as a cross-border data transfer mechanism under the GDPR.
Continue Reading CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020
Advocate General Upholds Validity of Standard Contractual Clauses in Schrems II Case
On December 19, 2019, the Advocate General of the Court of Justice of the European Union handed down his opinion in the so-called “Schrems II” case.
Continue Reading Advocate General Upholds Validity of Standard Contractual Clauses in Schrems II Case
The Schrems Saga Continues: Schrems II Case Heard Before the CJEU
On July 9, 2019, the hearing in the so-called Schrems II case (case C-311/18) took place at the Court of Justice of the European Union in Luxembourg. This blog entry provides highlights from the hearing, and also discusses the potential impact of the CJEU’s judgment in the case in the EU data protection landscape.
Continue Reading The Schrems Saga Continues: Schrems II Case Heard Before the CJEU
Dating Apps Warned of Potential COPPA and FTC Act Violations Removed from App Stores
On May 6, 2019, the FTC announced that three dating apps were removed from the Apple App Store and Google Play Store following an FTC letter alleging that the apps potentially violated the Children’s Online Privacy Protection Act and the Federal Trade Commission Act. …
Continue Reading Dating Apps Warned of Potential COPPA and FTC Act Violations Removed from App Stores
FTC Approves Changes to Video Game Industry’s Safe Harbor Program Under COPPA
On August 13, 2018, the Federal Trade Commission approved changes to the video game industry’s safe harbor guidelines under the Children’s Online Privacy Protection Act Rule. COPPA’s “safe harbor” provision enables industry groups to propose self-regulatory guidelines regarding COPPA compliance for FTC approval.
Continue Reading FTC Approves Changes to Video Game Industry’s Safe Harbor Program Under COPPA