Here’s a challenge for privacy practitioners everywhere. Laws, by their nature, are national (or in some cases, like the GDPR, regional) but the businesses we represent often consume, process and share data globally. When contracting with counterparties, how then does the privacy practitioner draft data protection terms that accommodate the vagaries of every applicable local privacy law while still producing a contract that both parties want to sign?
National Institute of Standards and Technology (NIST) has issued a new draft revision of its widely used Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations.
Hunton Privacy Team Publishes Several Chapters in International Comparative Legal Guide to Data Protection
Recently, the fourth edition of the book, The International Comparative Legal Guide to: Data Protection 2017, was published by the Global Legal Group. Hunton & Williams’ Global Privacy and Cybersecurity lawyers prepared several chapters in the guide, including the opening chapter on “All Change for Data Protection: The European Data Protection Regulation,” co-authored by London partner Bridget Treacy and associate Anita Bapat.
Ireland’s Data Protection Commissioner published guidance on appropriate qualifications for a Data Protection Officers (DPOs) under General Data Protection Regulation (GDPR).
Subject access requests (SARs) are viewed either as an essential right or a huge administrative burden, depending on whether you are the requestor or responder. Recent Court of Appeal case law has made the Information Commissioner’s Office (ICO) update its Subject access code of practice.
From search and Gmail to AdWords, AdSense, DoubleClick and Analytics, Google says it will comply with the General Data Protection Regulation across all services provided in Europe. The new privacy regulations are scheduled to take effect in 2018.
The UK government has issued new guidelines aimed at improving cyber protection for smart and driverless vehicles, ahead of planned legislation for the emerging industry.
On 31 July 2017 Russia’s Federal Service for the Supervision of Communications, Information Technology and Mass Communications (‘Roskomnadzor’) published, recommendations for data operators on developing a policy with regard to their personal data processing.
On July 28, 2017, the FTC published the second blog post in its “Stick with Security” series. As we previously reported , the FTC will publish an entry every Friday for the next few months focusing on each of the 10 principles outlined in its Start with Security Guide for Businesses.