Guidelines on Transparency under Regulation 2016/679 (wp260rev.01)

The guidelines on Transparency under Regulation 2016/679 provide practical guidance and interpretative assistance from the Article 29 Working Party (WP29) on the new obligation of transparency concerning the processing of personal data under the General Data Protection Regulation (GDPR). Transparency is an overarching obligation under the GDPR applying to three central areas: (1) the provision […]

Tags: ,

EPT – Estates, Powers and Trusts 

EPTL Article 13-A was enacted in September of 2016 and directly addresses the ability of a fiduciary (i.e., executor, agent, trustee, guardian) to access digital asset Article 13-A  – ADMINISTRATION OF DIGITAL ASSETS SUMMARY OF ARTICLE Part 1 – (13-A-1) DEFINTIONS Part 2 – (13-A-2.1 – 13-A-2.4) APPLICABILITY, PROCEDURE FOR DICLOSURE, USER DIRECTIONS Part 3 – (13-A-3.1 – […]

Tags:

Computer Fraud and Abuse Act

The Computer Fraud and Abuse Act (CFAA) is a United States cybersecurity bill that was enacted in 1986 as an amendment to existing computer fraud law (18 U.S.C. § 1030), which had been included in the Comprehensive Crime Control Act of 1984. The law prohibits accessing a computer without authorization, or in excess of authorization.

Tags:

Stored Communications Act

The Stored Communication Act (SCA), codified at 18 U.S.C. Chapter 121 §§ 2701–2712 is a law that addresses voluntary and compelled disclosure of “stored wire and electronic communications and transactional records” held by third-party internet service providers (ISPs). Below a list of the relevant sections 2701 – Unlawful access to stored communications 2702 – Voluntary […]

Tags:

South Dakota’s data breach notification statute

On March 21, 2018, South Dakota adopted a data breach notification statute. According to the South Dakota Statute, any “information holder” must comply. An “Information holder” is any person or business that conducts business in South Dakota and owns or licenses “personal information” or “protected information” of residents of South Dakota. The statute is added […]

Tags:

Italian Council of Ministers’ preliminary approval of GDPR’s “harmonization” decree

The Italian Council of Ministers preliminarily approved a legislative decree (in furtherance of Parliament’s delegation Law October 25 2017, no. 163), containing provisions to amend domestic law in compliance with the GDPR. In fact, effective May 25, 2018, Legislative Decree June 30, 2003 no. 196 will be abrogated and the GDPR will be immediately into […]

Tags: ,

Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679

The Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679, wp248rev.01, are available at here.   The GDPR requires controllers to implement appropriate measures to be able to demonstrate compliance with the GDPR itself, taking into account among others […]

Tags: ,

Executive order on strengthening cybersecurity issued by Trump Administration

On May 11, 2017, the Administration Trump issued an executive order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. The executive order contains three sections. The first section deals with cybersecurity of federal networks. Agencies shall implement the NIST framework for risk management and risk reduction, federal IT for shared services shall use the […]

Tags:

1 2 3 4 5 12