As the Wall Street Journal noted yesterday, banks are being deluged with phishing attacks. These attacks are especially fierce around the holiday season, when more personnel are absent and normal procedures are ignored or bypassed. The FBI and other law enforcement agencies are focused on these attacks, but it only takes one employee to “believe” a phishing email for the trouble to start.… More
Monthly Archives: December 2015
European Union Agrees On a New Data Protection Framework To Replace the 95/46/CE Directive: Meet the “General Data Protection Regulation”
On 15 December 2015, the three main European institutions, the Commission, the Parliament and the Council, agreed on the final text of the General Data Protection Regulation (GDPR) which has been on the table since January 2012. This is a major achievement, given the number of obstacles that still needed to be overcome a few weeks ago in order to meet the end of 2015 deadline for finalizing the GDPR. … More
Wyndham and FTC Settle Data Breach Lawsuit: Implications
Today, Wyndham and the FTC settled the enforcement action brought by the FTC that had led to a significant decision by the Third Circuit in August of this year. (Wyndham’s statement on the settlement can be found here; the FTC’s statement can be found here; my earlier analysis of the Third Circuit’s decision can be found here.) While the details of the settlement are interesting in their own right – Wyndham will not be paying anything by way of a fine or monetary damages and is not required to admit liability,… More
Weltimmo v. Hungarian Data Protection Authority: EU Rules on What It Means To Be “Established” in a Jurisdiction
While the Schrems decision invalidating the US-EU Safe Harbor Program is rightly attracting a great deal of attention (as well as blogging and webinars) – and leaving many wondering what to do in the absence of the US-EU Safe Harbor System – companies doing business in the EU need also to consider the impact of another recent decision,… More