In the second of this two-part series, Brian Hengesbaugh, Global Chair of Privacy and Security at Baker McKenzie is joined by Cyrus Vance Jr., Global Chair of Cybersecurity, as the two continue their discussion on cybercrime, focusing on the National Cybersecurity Strategy recently released by the White House, which seeks to address cyber risk and resiliency in America. Listen in to hear their views about: The National Cybersecurity Strategy framework, highlighting key takeaways of the…
In Brief On March 15, 2023, the US Securities Exchange Commission (“SEC”) proposed amendments to Regulation S-P (“Reg S-P”). If adopted, the amendments would introduce new data security and governance requirements for broker-dealers, investment companies, and investment advisers registered with the SEC. Background When the SEC first promulgated Regulation S-P in 2000, the goal was to ensure that covered entities establish adequate safeguards to protect customer information. The existing version consists essentially of two cornerstone…
In the first of this two-part series, Brian Hengesbaugh, Global Chair of Privacy and Security at Baker McKenzie, is joined by Cyrus Vance Jr., Global Chair of Cybersecurity, as the two discuss the alarming increase in cybercrimes, looking broadly at the trends, public safety risks and legal implications for the business community, particularly as it pertains to boards and senior management navigating the current threat landscape. Listen to learn more about: Why it is difficult to…
In Brief On March 7, 2023, China’s State Council unveiled plans to consolidate the country’s data protection functions into a single National Data Bureau to address the inconsistencies around the administration of China’s data and security laws. Background The privacy and security legal landscape in China has quickly evolved in recent years. The Cybersecurity Law (CSL) was adopted in 2017, and modified in 2022. The Personal Information Protection Law (PIPL) and the Data Security Law…
In brief On February 28, 2023, the European Data Protection Board (“EDPB”) published its non-binding opinion on the European Commission’s draft adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”). As we have previously written, the DPF is intended to re-establish one of the legal mechanisms for transfers of personal data from the European Union (“EU”) to the U.S. The DPF replaces the EU-U.S. Privacy Shield (“Privacy Shield”), which the EU Court of Justice (“CJEU”)…
In Brief Global regulations to govern the development and use of artificial intelligence (“AI”) are being reviewed and implemented in rapid pace. While the U.S. does not have a comprehensive regulatory framework for AI, there are initiatives underway at the federal and state level, including the framework recently released by the National Institute of Standards and Technology (“NIST”), the AI Risk Management Framework (“RMF”). Background AI technology has a wide range of benefits, including increased…
In Brief On February 24, 2023, the Cyberspace Administration of China (CAC) released the final version of the Standard Contractual Clauses (SCCs) and SCC Measures for the cross-border transfer of personal data under the Personal Information Protection Law (PIPL). The SCCs provide a mechanism for businesses to transfer personal information from mainland China to other jurisdictions. China’s SCCs closely mirror the EU’s SCCs, which were updated in 2021, but feature several important distinctions described in…
28 January 2023 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2023, Baker McKenzie’s Global Data Privacy and Security Team is pleased to present this special edition update of key data protection and privacy developments and trends across the globe, as well summarising future legislative changes, predictions, and enforcement priorities to look out for during 2023.…
In this episode, Brian Hengesbaugh, Global Chair of Privacy & Security, is joined by Ben Slinn, senior associate in London, as they discuss data privacy predictions across the globe for the year ahead. Listen in to hear about: The data protection regime in the UK post Brexit and what lies ahead Trends and issues that we are seeing from an EU perspective Key developments and significant changes on the horizon outside of the EU For…
In this episode, Brian Hengesbaugh, Global Chair of Privacy and Security, is joined by Anne Petterd, privacy and cybersecurity partner based in Sydney, as they discuss privacy in the metaverse, highlighting key concerns at the intersection of these two complex and cutting-edge issues. The two explore universal topics of trust, transparency and how they relate to personal data protection in the digital environment. Listen in to hear more about: What is the metaverse? Who controls…