Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

The state of US data privacy and cybersecurity laws in 2019

US data privacy and cybersecurity laws developed rapidly in 2019, especially in California, New York, Nevada and Massachusetts. While there are ongoing efforts to pass a federal privacy law, states are leading the way. Learn...

Update: Advocate General advises that the validity of standard contractual clauses is not affected by complaints made in Schrems II

On Thursday 19 December, Advocate General Saugmandsgaard Øe published his Opinion in Case C-311/18 Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (widely referred to as “Schrems II”). The Opinion is not binding, however it provides us with a strong indication as to what the Court of Justice of the European Union’s (“CJEU”) judgment will be. Learn...

In the spotlight—Cyber resilience and risks around outsourcing

The operational resilience of financial institutions has come under increased scrutiny following a number of recent high-profile IT failures and cyberattacks. Operational resilience itself is much broader than merely IT and cyber events: it covers events ranging from natural disasters to civil unrest, and those impacting critical national and market infrastructure. Learn...

FTC effectively shuts down Utah company’s operations pending compliance with mandated data security plan

On November 12, 2019, the FTC announced that InfoTrax, a Utah technology company, agreed to implement an overhauled data security program as part of a 20-year consent agreement in the wake of a hack to the company’s network. InfoTrax is prohibited from collecting, selling, sharing, or storing personal information pending the overhaul of security operations—temporarily shutting down the...

Dangerous seas ahead – the California Consumer Privacy Act and litigation risk

The California Consumer Privacy Act (CCPA) exposes companies doing business in California to certain litigation risks. The CCPA creates a private right of action that increases class action litigation risk for data breaches. Plaintiffs might try to use California’s Unfair Competition Law (UCL) to expand the scope of the CCPA’s private right of action. Businesses can proactively engage...

« Older Entries Next Entries »