Tag:international developments

1
The EU-US Privacy Shield has been released
2
‘EU-US Privacy Shield’ agreed for trans-Atlantic data flow
3
Primera Blue Cross Cyberattack
4
Reports and Surveys Updates
5
Government Regulation, Legislation and Enforcement Updates
6
European Union – General Data Protection Regulation (GDPR)

The EU-US Privacy Shield has been released

By Cameron Abbott and Meg Aitken

The European Commission has now officially released the EU-U.S. Privacy Shield, which sets out the key requirements and principles for trans-Atlantic data flow between Europe to the US.

Read our colleague’s article on the announcement here.

Alternatively, access the European Commission’s Press Release here.

‘EU-US Privacy Shield’ agreed for trans-Atlantic data flow

By Cameron Abbott and Meg Aitken

A new trans-Atlantic data transfer framework has been agreed between the European Commission and the United States this week. Known as the ‘EU-US Privacy Shield’, the new arrangement is intended to offer greater legal certainty for businesses and afford EU citizens increased protection when their data is transferred across the Atlantic to the US.

The new regulations will replace the US-EU Safe Harbor framework, which was invalidated by the European Court of Justice last October on the basis that the generalised access that public authorities had to the data and content of electronic communications violated fundamental privacy rights. Read our earlier blog post on the Safe Harbour decision here.

The key features of the new EU-US Privacy Shield are:

  • Stronger obligations on US companies to protect the personal data of EU citizens
  • More robust enforcement powers granted to both EU and US regulators, including greater monitoring and prosecution by the US Department of Commence and Federal Trade Commission (FTC)
  • Clearer conditions, limitations, redress avenues and safeguards for data transferred across the Atlantic
  • Expanded obligations for US companies to prove compliance
  • Several new avenues for EU citizens to lodge complaints about data misuse, including the establishment of a new independent privacy Ombudsman

The new Privacy Shield is still awaiting final approval from the College of Commissioners and will be subject to further review by the Article 29 Working Party before it is introduced. Much of the detail has not been released, so while the principles have been articulated, the impact on the obligations of affected companies is still far from clear.

Read the European Commission press release here for further details.

Our US and EU colleagues have drafted a more detail description which can be accessed here for further information.

Primera Blue Cross Cyberattack

by Jim Bulling and Julia Baldi

Primera Blue Cross, a U.S. health insurer announced up to 11 million customers could have been affected by a cyberattack, with hackers gained access to its computers on May 5 2014, and the breach only being discovered on January 29 2015. Affected customers are eligible for two years of free credit monitoring and identify theft protection services.

See the Primera press release here and a CIO article on the breach here.

Reports and Surveys Updates

by Jim Bulling and Julia Baldi

The Emergence of Cybersecurity Law Report
The Emergence of Cybersecurity Law report released by Hanover Research outlines trends and strategies in respect of in house counsel’s involvement in companies’ cybersecurity efforts.

See the report here.

Eurobarometer report on cybersecurity
European Commissions publishes special Eurobarometer report on cyber ecurity which shows EU citizens have significant concerns about cybercrime threats.

See the report here.

Government Regulation, Legislation and Enforcement Updates

by Jim Bulling and Julia Baldi

China Introduces new Cybersecurity Laws
China introduced new cybersecurity laws, which require both local and foreign banks and financial institutions with Chinese clients (including Australian financial institutions) to use IT equipment deemed “secure and controllable” by Beijing. The breadth of the laws has upset foreign financial institutions given the potential cost of compliance if foreign entities must implement IT equipment systems in accordance with Chinese directives.

See the Financial Times report here.

Read More

European Union – General Data Protection Regulation (GDPR)

by Jim Bulling and Julia Baldi

The European Union has indicated an intention to finalise the General Data Protection Regulation (GDPR) before the end of 2015. This has the potential to effect Australian companies operating or storing data in Europe.

See the EU press release here.

Copyright © 2024, K&L Gates LLP. All Rights Reserved.