Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

FTC Reviews Security Updates Practices of Eight Mobile Device Manufacturers

The Federal Trade Commission is requiring eight mobile device manufacturers to provide the FTC with information about how they determine to issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices. The FTC plans to use these filings to study policies, procedures, and practices used to notify customers and determine whether to provide security...

FTC Orders Data Security Auditors to Provide PCI DSS Assessment Data

On March 7, 2016, the Federal Trade Commission (“FTC”) ordered nine data security auditing companies to provide detailed information within 45 days about how they conduct assessments of companies when measuring their compliance with the Payment Card Industry Data Security Standards (“PCI DSS”).  The FTC announced it is specifically seeking information about “the assessment process...

EU-U.S. Privacy Shield – Full Text Released

On February 29, 2016, the European Commission released the text of the EU-U.S. Privacy Shield. The text reveals the details of a new framework that will place stronger obligations on U.S. companies to protect the personal data of EU citizens. It will also involve heightened compliance requirements and authorizes enforcement measures by the U.S. Department of Commerce (Commerce) and the...

EU-US Privacy Shield: European Union and U.S. Reach Agreement in Principle for New Data Transfer Framework – But Uncertainty Remains

On February 2, 2016, the European Commission (EC) and the U.S. Department of Commerce (Commerce) announced that they had reached agreement on a new data transfer safe harbor arrangement for the transfer of personal data from Europe to the U.S. The new safe harbor pact, called the EU-US Privacy Shield, was negotiated in the wake of the EU Court of Justice’s (CJEU) decision in October...

Regulators Set Sights on Big Data and Connected Devices

Federal and state regulators are beginning to set their sights on companies that collect, use and share consumer data, claiming they have sufficient authority to regulate potential privacy and data security risks posed by “big data” and “connected devices.” In her article for Legaltech News, Sutherland Partner Mary Jane Wilson-Bilik notes that the Federal Trade Commission (FTC) has...

« Older Entries