Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up for Alerts
We provide tailored, industry-specific legal updates to our clients and other friends of the firm.
Areas of Interest
June 4th, 2015
New EU Data Protection Law May Be Ready This Year
In January, 2012, the EU legislative bodies proposed an updated and more harmonized data protection law to replace the existing EU Data Protection Directive 95/46/EC. That Directive - part of the EU Privacy and Human Rights Law - was created to regulate the processing of personal data within the European Union. While still a work in progress, the new General Data Protection Regulation is now expected to be adopted at the end of 2015 or early 2016.
The new data protection law will apply to all 27 European member states and will significantly change the landscape of EU privacy and data protection in several key areas, including:
- greater control over personal information for individuals, including the right to "data portability," and the "right to be forgotten";
- stricter requirements for obtaining consent to collect and store personal data;
- new restrictions on tracking and targeted advertising;
- new rules for police and criminal justice authorities that exchange data across EU state borders;
- stricter data breach reporting obligations (for example, that breaches must be reported to regulators within 24 hours); and
- substantial new penalties for data privacy violations (the greater of €100 million, or 2 - 5% of a company's annual worldwide revenue).
For more information about the new data protection law, or other matters privacy and data security issues, please contact S. Gregory Boyd CIPP/US at (212) 826-5581 or gboyd@fkks.com, Jeremy Goldman CIPP/US at (212) 705 4843 or jgoldman@fkks.com, Jessica Smith at (212) 705-4876 or jsmith@fkks.com, or any other member of Frankfurt Kurnit's Privacy & Data Security Group.
Other Privacy & Data Security Law Alerts
Six Steps to Help Your Team Comply with the New SEC Public Company Cybersecurity Rules
On July 26, 2023, the Securities Exchange Commission (“SEC”) approved final Rules entitled Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (the “Rules”). The Rules require certain cybersecurity incident disclosures on Form 8-K, generally within 4 business days after the determination that a cybersecurity incident is material. Read more.
August 1 2023
Five Action Items to Help You Prepare for the Wave of Privacy Enforcement Starting July 2023
Mark your calendars - July 2023 is an important month for US privacy enforcement. Read more.
June 21 2023
Washington “My Health My Data” Act Dramatically Alters Health Data Compliance Landscape
Washington State’s My Health My Data Act (“the Act”) introduces a sweeping set of obligations for nearly all entities that do business in the state and that handle “consumer health data,” a broad new class of health-related data separate from that regulated by the federal Health Insurance Portability and Accountability Act (“HIPAA”). Read more.
April 24 2023