The Romans were shouting “Hannibal at the gates” when the famous general from Carthage tried to conquer their city with elephants in 218 BC. Today’s cyber-warriors and cyber-criminals are already behind the gates, using subtler means to invade the computers of individuals, companies, and even governments. And we may not even know the attackers. Many …Read More

As reported, the National Telecommunications & Information Administration (NTIA) launched its self-certification system of the Privacy Shield (PS) on 1 August. The NTIA’s website provides a host of information for U.S. and European businesses. Participating organizations are deemed to provide “adequate” privacy protection, a requirement for the transfer of personal data outside of the European …Read More

The EU-U.S. Privacy Shield—the successor to the invalidated Safe Harbor program for transatlantic transfers of EU personal data—was finally approved on July 12, 2016. U.S. organizations will be able to certify compliance with the Privacy Shield principles starting on August 1, 2016, and then be able to receive personal data from EU or EEA-based organizations …Read More

Die Federal Trade Commission (FTC) und die Federal Communications Commission (FCC) haben am  10.05.16 zwei getrennte Untersuchungsverfahren gegen  bestimmte TK-Anbieter und Hersteller von Smartphones etc. eingeleitet. Die US-Behörden wollen wissen, wie diese Unternehmen Updates zur Datensicherheit vornehmen, wie die Kunden die Updates umsetzen und wie die Unternehmen eventuelle Verwundbarkeiten in den Geräten adressieren.  Das wirft …Read More

European Commission may need to revise the draft proposal to meet the concerns expressed by the Article 29 Working Party. On 29 February 2016, the European Commission published a draft adequacy decision to establish the EU-U.S. Privacy Shield, the replacement for the invalidated Safe Harbor program that previously allowed transfers of personal data between the European …Read More

There was a resounding call for action by regulators and industry and the legal documents are now out in public. The European Commission and the U.S. government both hope that the new EU-U.S. Privacy Shield will fully address the European Court of Justice’s criticisms in the landmark “Schrems” ruling last year.  On February 29, the …Read More

The EU is acting at breakneck speed to fill the legal gap that the European Court of Justice (ECJ) created in October, invalidating the Safe Harbor Agreement for EU/U.S. data transfers. EU Justice Commissioner Vĕra Jourová reported on 1 February 2016 to the European Parliament’s Committee on Freedoms and Human Rights (Civil Liberties, Justice, and …Read More

U.S. companies with European business will most likely mark 6 October 2015 as a dark day on their calendars. The highest EU court, the European Court of Justice (ECJ) in Luxembourg, declared a fifteen-year-old longstanding EU decision authorizing a EU/US Safe Harbor “invalid.” The judgment is not appealable. This is a serious issue for the …Read More

As do many other countries, Germany struggles to find the right balance between privacy and cybersecurity. It is a balancing act on many fronts. The German government has suggested a mandatory (bulk) data retention law (Vorratsdatenspeicherung) that will require companies to store traffic data for certain time periods in case this information is needed for …Read More

When the news broke a few days ago that the U.S. Senate had finally approved the USA Freedom Act, German commenters received it with satisfaction. However, there are various differences between the USA Freedom Act and data retention laws in Europe, in particular the recent German bill on bulk traffic (i.e., metadata) data collection (Vorratsdatenspeicherung). …Read More

Page 1 of 212