On January 5, 2017 Paris Law School Panthéon-Assas launched its first university degree aimed at training future Data Protection Officers under the new European General Data Protection Regulation, which becomes effective across the EU on May 25th, 2018. Created by Paris University Professor Bénédicte Fauvarque-Cosson and Hogan Lovells partner Winston Maxwell, the new program will include courses in law, cybersecurity, data analytics, management and ethics. The faculty will include professors from various law schools, as well as practicing DPOs, information security specialists, lawyers and regulators from the CNIL, and major companies including Sanofi, GE, Axa, Lagardère, Google, Microsoft, Schneider Electric, BNP Paribas and the Banque Postale.
Please join us for our January 2017 Privacy and Cybersecurity Events.
Please join us for our December 2016 Privacy and Cybersecurity Events.
We are pleased to announce that Hogan Lovells Frankfurt-based Partner Tim Wybitul has published a handbook – EU-Datenschutz-Grundverordnung im Unternehmen: Praxisleitfaden – to assist organizations with compliance with the European General Data Protection Regulation. Written in German, the handbook includes plain-language summaries of GDPR requirements as well as project-planning and other checklists and examples to aid companies in complying with the Regulation. The handbook draws upon case studies to present lessons learned by several companies in their efforts to develop GDPR-compliant programs and is designed to be a useful resource for companies of all sizes.
Please join us for our November 2016 Privacy and Cybersecurity Events.
We are proud to announce that the Hogan Lovells Chronicle of Data Protection blog has been nominated in The Expert Institute’s 2016 Best Legal Blog Contest for the award of Best AmLaw Blog of 2016. Our editors at The Chronicle strive to provide you with the most relevant and timely legal news, practical legal analysis, and business insights relating to privacy and cybersecurity. We appreciate the recognition for this work and your continued readership.
Please join us for our October 2016 Privacy and Cybersecurity Events.
Cybersecurity risk continues to evolve at an astonishingly rapid rate, prompting companies to review and adjust their plans to deal with the fast-moving threats posed by an increasingly connected world. At the same time, cybersecurity law and regulation around the world are coming of age. In this complex and uncertain environment, it is not surprising that lawyers are increasingly being asked to guide on governance, counsel on compliance and risk allocation, and lead in the event of a cyber incident.
Drawing on our work with clients across the globe, Hogan Lovells’ cross-practice team of cybersecurity lawyers has launched Ready, Set, Respond, a new set of online cybersecurity resources.
Please join us for our September 2016 Privacy and Cybersecurity Events.
The much anticipated Privacy Shield framework for the transfer of data between the EU and U.S. received final approval from the European Commission on 12 July 2016. With this important data transfer mechanism available to companies at the beginning of August, the Hogan Lovells Privacy and Cybersecurity team will answer your questions in a webinar next Wednesday, 27 July. CLE credit will be available.
Please join us for July 2016 events and speaking engagements led by members of the Hogan Lovells Privacy and Cybersecurity team, detailed in this post.
Please join us for our June 2016 Privacy and Cybersecurity Events.
Hogan Lovells hosted the second annual Health Privacy Law Forum for health privacy professionals yesterday. Participants spoke with Deven McGraw, Deputy Director of Health Information Privacy at the U.S. Department of Health and Human Services Office for Civil Rights , and former Federal Trade Commissioner Julie Brill, now a partner at Hogan Lovells and co-chair of its Privacy and Cybersecurity practice.
Please join us for our April 2016 Privacy and Cybersecurity Events, including discussions on the Internet of Things, big data in healthcare, the Telephone Consumer Protection Act, international data flows, and more.
FTC Commissioner Julie Brill will join Hogan Lovells US LLP as a partner and co-leader of the Privacy and Cybersecurity Practice on 1 April. Commissioner Brill was appointed by President Obama to the FTC in 2010 and will complete her service on 31 March.
As reported in The New York Times, Hogan Lovells represented a diverse group of 15 major technology companies, such as Google, Facebook, Microsoft, Snapchat, and Cisco in filing last week an amicus brief in In re Search of an Apple iPhone.
The Chronicle is happy to report that March will see our Privacy and Cybersecurity attorneys speaking around the globe. Please see our March 2016 Privacy and Cybersecurity Events post for a full list of upcoming PaC events.
With cybersecurity threats a top corporate concern implicating regulatory compliance and litigation risk, Hogan Lovells is proud to be one of the sponsors of the ABA National Institute on Cybersecurity, to be held at Fordham Law School in New York on Tuesday, February 23rd.
The International Association of Privacy Professionals announced this week the launch of its Privacy Bar Section, which aims to serve the lawyers that compose more than forty percent of IAPP’s membership. In conjunction, the IAPP has also applied to the American Bar Association to have its privacy certification officially recognized as a legal specialty.
The European Commission has announced an agreement today with the United States Department of Commerce to replace the invalidated Safe Harbor agreement on transatlantic data flows with a new EU-U.S. “Privacy Shield.” The Privacy Shield aims to address the requirements set out by the European Court of Justice in its Oct. 6, 2015 ruling by imposing stronger obligations on companies, providing stronger monitoring and enforcement by the DOC and Federal Trade Commission , and making commitments regarding access to information on the part of public authorities. In announcing the agreement, Vice-President Ansip noted his belief that the Privacy Shield will benefit both European businesses and citizens, and will prove to be a “much better” solution for transatlantic data flows.
Anyone reading this blog already knows that cybersecurity is a team sport. No longer does the IT security department bear sole responsibility for protecting a company’s data and systems. Today companies are setting up enterprise-wide councils to oversee cybersecurity that include lawyers, risk managers, technical professionals, and other leaders. And if a breach occurs, that […]
The Colombian Data Protection Authority (the Superintendence of Industry and Commerce, or SIC) has issued regulations requiring all data controllers that are (i) private legal entities registered in Chambers of Commerce in Colombia (i.e., incorporated in Colombia) or (ii) partially government owned corporations (“sociedades de economía mixta”) to register their databases by November 8th, 2016. The regulations were issued on November 3, 2015, and the National Database Registry (the “Registry”) required by Colombian data protection laws was enabled on November 9, 2015. Read our post to learn about the registration requirements and potential penalties for noncompliance.
Data privacy and security regulators don’t always agree. Take a look at the Federal Trade Commission for example. In recent years, FTC commissioners have disagreed about the role that cost-benefit analyses should play and the types of consumer harms that should be considered in the FTC’s data privacy and security enforcement actions. For organizations that rely on the collection and use of consumer information, understanding the different viewpoints at the FTC and how those viewpoints may influence future enforcement is vital to evaluating risk. On Thursday, November 5, 2015, the Future of Privacy Forum will look at those issues as it celebrates its new home and its new partnership with Washington & Lee University School Law by hosting a panel discussion addressing the Future of Section 5 of the FTC Act. Panelists David Vladeck (former FTC Consumer Bureau Director David Vladeck) and James Cooper (former Acting Director of the Office of Policy Planning) will look at key Section 5 issues.
Next Tuesday, the Court of Justice of the European Union is scheduled to publish its decision in Maximillian Schrems v. Data Protection Commissioner, in which it is expected to rule on the validity of the U.S.-EU Safe Harbor Framework. Last week’s opinion of the CJEU’s Advocate General emphatically found Safe Harbor to be inadequate under EU law on the basis that access to Safe Harbor data by U.S. intelligence services is too wide and disproportionate, and that Safe Harbor does not contain appropriate guarantees to prevent this level of access. While the AG’s opinion is not binding on the CJEU, the short turn-around implies that the CJEU will not vary significantly from the opinion.