On 12 November, the European Commission published two sets of documents:

  1. draft of the new standard contractual clauses for transfers of personal data from the European Union to third countries (“New SCCs”); and
  2. draft of standard contractual clauses that can be used by controllers when engaging processors located in the European

AI licenses require many of the same terms and conditions that you would expect in “regular” licenses for software, technology and SaaS. However, licensing AI requires attention to key differences in important areas, which are driven by the uniqueness of AI. Mayer Brown partner Rebecca Eisner shares her insights in this latest installment of our

The cybersecurity and data privacy landscape raised new and challenging questions for businesses and governments around the world in 2017. We are poised to see new waves of technological disruption and legal complexity in 2018.

Continue Reading

On October 18, 2017, the EU Commission published a report (“Report”) on the first annual joint review of the EU-US Privacy Shield framework (“Privacy Shield”), which took place on September 18-19, 2017, in Washington DC. The Report, which reflects input from the US federal government and feedback gathered from relevant stakeholders, found the

On October 18, 2017, the EU Commission published a report (“Report”) on the first annual joint review of the EU-US Privacy Shield framework (“Privacy Shield”), which took place on September 18-19, 2017, in Washington DC. The Report, which reflects input from the US federal government and feedback gathered from relevant stakeholders, found the

Cyber threats continue to evolve, and data privacy considerations continue to grow more complex. Whether defending against global ransomware campaigns or adjusting to new legal regimes governing international data transfers, companies of all sizes today face unprecedented cybersecurity and data privacy challenges.

Our practical guide, Staying Ahead of the Curve: Cybersecurity and Data Privacy—Hot Topics

In a bylined article, Technology Transactions partners Rebecca Eisner, Joe Pennell and associate Nick Card (all Chicago) discuss the current legal and regulatory landscape for IoT and data collected through IoT systems, particularly for business (versus consumer) uses and applications, and also addresses cybersecurity, privacy, employee and other risks.

Continue reading.

On April 4, 2017, the Article 29 Working Party (“WP29”), the group representing national data protection regulators in the European Union, following their April plenary meeting, issued guidelines (the “Guidelines”) on Data Protection Impact Assessments (“DPIAs”), which will be used to measure compliance with the General Data Protection Regulation (“GDPR”). The Guidelines are now open

In a bylined article, Technology Transactions partner Rebecca Eisner (Chicago), Cybersecurity & Data Privacy counsel Kendall Burman (Washington DC) and associate Lei Shen (Chicago) examine the requirements for conducting onward transfers under the new Privacy Shield framework.

Continue reading.

Cybersecurity and data privacy issues continued to grow in significance for multinational businesses over the past 12 months, further heightening the importance of preparing and responding in a strategic, coordinated and enterprise-wide manner in 2017.

The Trump administration has publicly provided limited details so far about its plans for cybersecurity and data privacy policy. Reports