GDPR – New Guidelines Issued By Bavarian Data Protection Authority

check out the new plan

The Bavarian Data Protection Authority (“DPA”) has recently published a number of position papers clarifying certain requirements under the GDPR. Data Processing Agreements can be concluded electronically. Parties must, of course, document the electronic conclusion of the agreement sufficiently and conclusively for their own purposes, and be able to evidence its conclusion in case of … Read more

Are You Ready For Shield? – New York’s New Data Protections For Consumers


On 25 July 2019, the New York Governor, Andrew Cuomo, signed into law the “Stop Hacks and Improve Electronic Data” Act (S.6933-B) (SHIELD). When it becomes effective, SHIELD will provide stronger protections for New Yorkers by imposing strict cybersecurity requirements on all companies that handle their private information, even if those companies are located elsewhere. … Read more

Navigating Disclosures And Sales Of Personal Information Under The CCPA

locked data

The requirements of the California Consumer Privacy Act enter into force 1 January 2020, and impose an array of requirements on companies that are subject to the law. Among them are obligations related to the sharing of “personal information” [Section 1798.140(o)] that obligate businesses to push down contractual limitations on service providers and other recipients … Read more

Canada: Security Breach Notification Requirements Commence On November 1, 2018

click away

Last September, we advised that Innovation, Science and Economic Development Canada (“Canada’s Department of Industry”) had released proposed security breach notification regulations under Canada’s federal private sector privacy law – the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5, as amended) (“PIPEDA”) (the “Proposed Regulations”).  While the Government of Canada has not provided a public update on … Read more

Privacy Professionals Agree That GDPR Is A Game-Changer And Companies Should Sign Up For Privacy Shield: Baker & Mckenzie Survey Report

presenting gdpr

UPDATE: The Survey Report is now available here.  On the heels of the EU Parliament’s formal adoption of the EU General Data Protection Regulation (GDPR) on April 14, 2016, Baker &McKenzie will be publishing the results of its 2016 EU GDPR and EU-US Privacy Shield Survey next week!  Until then, subscribe for the b:INFORM newsletter to get … Read more

Five Lessons From Recent Cyberattacks To Protect Your Organization In 2016 – Part II

hacker and laptop

In Part I , we discussed the first two lessons learnt from the recent cyberattacks. We will share the final three lessons learnt from recent cyberattacks in Part II.  Lesson 3: Avoid Collecting Children’s Data As Much As Possible In response to recent incidents involving children’s data, the Hong Kong Privacy Commissioner issued a Guidance Note in … Read more

German Data Protection Authorities Issue Position Paper In Light Of Safe Harbor Decision – Part I


On October 26, 2015, the Data Protection Conference of the German State Data Protection Authorities and the German Federal Commissioner for Data Protection (“Conference”) issued a position paper following the recent decision of the Court of Justice of the European Union (“ECJ”) invalidating the Safe Harbor decision of the EU Commission. Data Transfers Solely Based … Read more

Cloud Myths Series – Myth #1 – A Unique Challenge?

cloud functions

Welcome to our new series dispelling some of the most common myths around data privacy and security in cloud computing solutions. This series will equip you with: a solid understanding of the pros and cons of cloud computing for privacy compliance;an increased ability to discuss challenges with customers and providers; andpractical guidance for contracts between vendors … Read more