Transatlantic Privacy Enforcement Trends

The GDPR as well as the newly adopted California Consumer Privacy Act mark a paradigmatic shift on the part of regulators regarding compliance requirements and expectations for businesses. This panel features speakers with day-to-day experience in data privacy enforcement on both sides of the Atlantic. The session will provide empirical information on enforcement actions and…

Toward a New Baseline Privacy Law: Harmonizing the GDPR, California, and the FTC

Multiple US stakeholders, including the Federal Trade Commission, the Administration, and Congress are examining a new federal privacy law borrowing key principles from the GDPR and the California privacy law. This panel will examine whether key GDPR and California concepts are workable as a new federal baseline and the relationship between data protection and innovation…

At the Centre of the GDPR: Irish Data Protection Commissioner Shares Her Analysis

Helen Dixon was appointed as Data Protection Commissioner for Ireland in September 2014. Responsible for upholding the rights of individuals regarding how data about them is used, the role, among other things, requires regulation of a large number of US internet multinationals with European bases in Ireland. Previously Irish Registrar of Companies, Helen has also…

Decentralizing Privacy: Data Protection Regulation in the Blockchain Era

At first glance, Blockchain technology and the GDPR seem irreconcilable. The GDPR was designed for an era where data are processed centrally. In contrast, blockchains are decentralized by their very essence. Immutability is considered to be one of Blockchain key characteristics, whereas GDPR promotes the right to be forgotten. At the same time, however, Blockchain…

Do’s and Dont’s for Litigation Strategy in Managing Global Data Breaches

A global data breach can lead to complex litigation in multiple jurisdictions, with different requirements for discovery, for security, and in other areas of law. This session offers practical examples of best practices in handling these kinds of cases. Andrew Serwin, Partner, Morrison & Foerster Ann Henry, Partner, Pinsent Masons (Ireland) Meredith Grauer, Chief Privacy…

Building a Privacy Program to Accommodate Evolving International Laws: From the GDPR to the CCPA to Brazil to China and Beyond

Building a privacy program that is right-sized for the organization can take years of hard work and creative collaboration. And just when things are running like a well-oiled machine, the company undergoes a corporate change — buying or selling a business, expanding into a new region, or launching a new product line that will take…

Developments in South Korean Privacy & Security Law

Discussions are underway between the EU and South Korea for an adequacy determination.  South Korea has joined the APEC Cross-Border Privacy Rules system.  Significant caselaw is developing regarding this country’s 2011 data protection statute as well as its sector-specific laws.  This session will provide an up-to-date account of developments in South Korea and analyze the…

International Breach Investigations: Responding to Multiple International Investigations Resulting from a Single Incident

Increasingly, a data breach will affect data subjects in countries across the globe. That complicates a number of response issues, such as how to notify individuals located world-wide, how to move personal data across jurisdictional lines, as well as other matters. Within the last year, moreover, a new issue has emerged: active investigations by governmental…