At a Financial Industry Regulatory Authority Conference last month, regulators reportedly stated that they consider companies liable for breaches notwithstanding the types of technical or security models followed, regardless of whether the regulatory model placed the responsibility on the company or not.… Continue Reading
Last year just before the “big date” of May 25, I wrote a post trying to analyze GDPR provisions through the lens of the whistleblowing process. At that time there were many questions ranging from how the rules will apply to whistleblowing on a national level to how to balance individuals’ privacy rights against companies’ need to pursue investigations.… Continue Reading
It has been over three months since the EU General Data Protection Regulation (GDPR) went into effect. The sky hasn’t fallen, and we are still here. We at TRACE now wear a t-shirt saying “I survived the GDPR” and see the humor in GDPR jokes and online memes.… Continue Reading
The General Data Protection Regulation (GDPR) came into effect in May. With the risk of hefty fines, it’s no surprise that GDPR compliance tops the agenda for many organizations. But one area of technology faces even greater challenges under GDPR: blockchain.… Continue Reading
In an era of rapidly shifting data privacy legislation, increasing technological complexity, and the rapid growth of businesses, third-party compliance technologies must match these changes with increasing resilience to avoid becoming obsolete in the future.… Continue Reading
Companies are increasingly frustrated by privacy protection laws that vary from country to country. But the European Union’s new General Data Protection Regulation (GDPR), which becomes law on May 25, 2018, eliminates much of the confusion with a uniform code for all EU nations.… Continue Reading
Frances McLeod, a founding partner of Forensic Risk Alliance, is spending a lot of time helping clients deal with EU privacy and data protection issues.
I talked with her about the Safe Harbor (it’s dead), the Privacy Shield, and the EU General Data Protection Regulation.… Continue Reading
I spoke last Thursday with Adam S. Lee, the Special Agent in charge of the U.S. Federal Bureau of Investigation’s Richmond Division.
Any company with more than a small presence in China is likely to need to conduct an internal investigation there at some point.
While investigations in China are not wholly different than in other jurisdictions, our experience handling scores of such investigations leads us to the conclusion that companies can take certain steps in advance to minimize headaches if and when such an investigation in China is needed.… Continue Reading
Jo Sherman spoke with me about her post on the FCPA Blog and how multinationals and their lawyers can deal with EU data protection rules after the Max Schrems decision.
As the owner of an English law firm based in the British Virgin Islands, I read with interest on the FCPA Blog about the recent changes to the European Union’s decision to toughen up even further its data protection rules.… Continue Reading