Last week, Didier Reynders, European Commissioner for Justice, and Dr. Andrea Jelinek, Chair of the European Data Protection Board (EDPB), appeared at a hearing conducted by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs, and updated committee members on their work since the Schrems II decision.
In his remarks, Mr. Reynders identified three main areas on which the Commission is focusing.
Regardless of industry, no company can escape the widespread reach and impact of data. Whether a company is collecting account information from customers or aggregating platform usage data, handling large amounts of data has become the norm. While this creates boundless new opportunities for businesses in analytics and real-time decisioning, it also introduces new risks that organizations need to consider and prevent where possible.
The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to put in place to use Standard Contractual Clauses and Binding Corporate Rules.
In the wake of the Court of Justice of the European Union’s Schrems II judgment, on July 23, 2020, the European Data Protection Board (EDPB) adopted a Frequently Asked Questions document to “provide initial clarification and give preliminary guidance to stakeholders on the use of legal instruments for the transfer of personal data to third countries, including the U.S.” The EDPB stated that the document will be updated, and further guidance provided, as it continues to examine and consider the judgment. The six-page FAQs provides the following guidance.
The European Union’s top court ruled that an agreement that allows thousands of companies — from tech giants to small financial firms — to transfer data to the United States is invalid because the American government can snoop on people’s data, according to an AP News report. The ruling could impact how companies transfer European users’ data to the United States and other countries, such as the U.K, and could require regulators to vet any new data transfers to make sure Europeans’ personal information remains protected according to the EU’s stringent standards, says AP News.
With the second anniversary of GDPR on the horizon, the topic of data security is as pertinent as ever. Despite the proliferation of connected devices and the personal information and sensitive data they harbor, many consumers are unaware of just how susceptible their pocket-sized computers are to cyberattack.
According to a Linklaters analysis, there has been a major increase of data breach notifications to data protection authorities, with an average increase in notifications of 66 percent compared to Year 1 of the EU General Data Protection Regulation (‘GDPR’).
“There are only two types of companies: those that have been hacked, and those that will be.” When former FBI Director Robert Mueller spoke those words in 2012, he sounded hyperbolic. Almost a decade later, it seems prophetic.
More companies are doing more business online to survive the pandemic, and that’ll create even more data privacy concerns going forward. At the same time, new privacy regulations have taken hold, most notably the California Consumer Privacy Act. What are 5 steps to achieve compliance?
Experian® released its seventh annual corporate preparedness study, Is Your Company Ready for a Big Data Breach?, revealing that cybercriminals may still be one step ahead of companies’ security practices and investments.
This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.