Stephen Reynolds, Author at Connect On Tech

In Data Privacy & Security

Data Protection Day – Key developments and trends for 2023

January 26, 2023 by Benjamin Slinn, Vinod Bange, Dr Lukas Feiler, Alissa Forstner, Liz Grimwood-Taylor, Anne-Marie Allgrove, Anne Petterd, Caitlin Whale, Adrian Lawrence, Toby Patten, Guillermo José Cervio, Valentina Salas, Valentina Biondi Grane, Elisabeth Dehareng, Caroline Serbanescu, Flavia Rebello, Theo Ling, Conrad Flaczyk, Nadia Rauf, Carolina Pardo, Magalie Dansac Le Clerc, Yann Padova, Florian Tannen, Dr Michaela Nebel, Prof. Dr. Michael Schmidl, Jiří Čermák, Milena Hoffmanová, Lenka Bešťáková, Francesca Gaudino, Yuki Kondo, Daisuke Tatsuno, Kensaku Takase, Dr. Csaba Vári, Marcia Lee, Benjamin Lau, Daniel Villanueva-Plasencia, Carlos Vela-Trevino, Elvia Aragon, Nathalja Doing, Teresa Tovar, Bienvenido A. Marquez III, Frederick August I. Jose, Radoslaw Nozykowski, Patricia Pérez, Peder Oxhammar, William Höglund, Emelie Ageby Svensson, Margarita Kozlov, Johanna Moesch (Mösch), Nadine Charrière, Muriel Binder, Jo-Fan Yu, Dhiraphol Suwanprateep, Pattaraphan Paiboon, Kritiyanee Buranatrevedhya, Thananya Chaikamonsuk, Can Sozer, Yigit Acar, Ecem Elver, Aybuke Gundel, Kellie Blyth, Maher Ghalloussi, Lucrezia Lorenzini, Alex Toh, Ken Chia, Cristina Messerschmidt, Rachel Ehlers, Cynthia Cole, Brian Hengesbaugh, Stephen Reynolds, Nick Merker, Harry Valetk, Lothar Determann, Jonathan Tam, Helena Engfeldt, Maria Eugenia Salazar-Furiati, Manh Hung Tran and Jacqueline Wong 102 Mins Read

28 January 2023 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2023, Baker McKenzie’s Global Data Privacy and Security Team is pleased to present this special edition update of key data protection and privacy developments and trends across the globe, as well summarising future legislative changes, predictions, and enforcement priorities to look out for during 2023.…

In Data Privacy & Security

European Commission Moves Towards U.S. Adequacy Decision for Data Transfers

On December 13, the European Commission (“EC”) announced a draft decision on the adequacy of the U.S data protection regime to protect the personal data of European Union (“EU”) residents, the EU-U.S. Data Privacy Framework (“DPF”). The DPF, which was initially announced in March 2022 as a political agreement between the EU and the U.S., and then bolstered by President Biden’s Executive Order (“EO”) in October 2022, opens the door for an EU-U.S. data transfer…

In Data Privacy & Security

Critical Steps for Increased Legal Certainty for EU to U.S. Personal Data Flows

In March 2022, U.S. and EU leaders reached an agreement in principle on a new accord to protect data flows entitled the Trans-Atlantic Data Privacy Framework (“EU-U.S. DPF”). Today, the US Government has taken important steps to implement this critical data flow framework, and strengthen legal certainty for EU to US personal data transfers. First, President Biden signed an Executive Order on “Enhancing Safeguards for United States Signals Intelligence Activities” (“EO”). The EO enhances privacy…

In California Privacy Law

United States: How to comply with CCPA while the new Agency revises Regulations

August 16, 2022 by Loic Coutelier, Lothar Determann, Helena Engfeldt, Elizabeth Gladstone, Jonathan Tam, Andrea Tovar, Vivian Tse, Tom Tysowsky, Brian Hengesbaugh, Cristina Messerschmidt, Harry Valetk, Nick Merker and Stephen Reynolds 7 Mins Read

In brief The California Privacy Rights Act of 2020 (CPRA) amended the California Consumer Privacy Act of 2018 (CCPA) with most changes taking effect on 1 January 2023 with a twelve-month look-back. Limited exceptions concerning the personal data of employees and business contacts will expire. The new California Privacy Protection Agency (CPPA) has published draft regulations that will, once finalized, expand on the rules in the statute and existing regulations from the California Attorney General. The CPPA is…

In Podcast

Podcast Episode: Class Action and Regulatory Trends: Significant Developments and Predictions

May 26, 2022 by Paul Glass, Teresa Michaud and Stephen Reynolds 1 Min Read

In this episode, Paul Glass, head of Cybersecurity in the UK, is joined by Teresa Michaud, co-chair of the North America Class Action subgroup, and Stephen Reynolds, partner based in Chicago, as they discuss consumer class actions in relation to data breaches and security incidents. Listen in to hear about: overriding themes that have characterized the last year of US class action litigationcybersecurity and data privacy trends and significant developments in the class action space,…

In Cybersecurity

Podcast Episode: Strengthening American Cybersecurity Act – What You Need to Know

May 12, 2022 by Brian Hengesbaugh and Stephen Reynolds 1 Min Read

In this episode, Brian Hengesbaugh, Global Chair of Data Privacy and Security, is joined by Stephen Reynolds, partner in Chicago, as they discuss the Strengthening American Cybersecurity Act, a law recently signed by President Biden, which requires key businesses to report certain ransomware incidents to the Cybersecurity and Infrastructure Security Agency (CISA). Listen in to hear about: An overview of the new law, including key elements such as mandatory reporting requirements, timelines and which “critical…

In Cybersecurity

Congress Publishes “Game-Changer” Breach Reporting Law, Compliance Requirements Unclear

March 18, 2022 by Cyrus R. Vance Jr., Brian Hengesbaugh, Nick Merker, Teresa Michaud, Jessica Nall, Stephen Reynolds, Jerome Tomas, Harry Valetk, Cristina Messerschmidt and Mason Clark 6 Mins Read

After years of legislative debate, Congress passed a new law requiring key businesses to report certain data breaches—or “covered incidents”—to the government. Signed by President Biden on March 15, 2022, the law, part of the Strengthening American Cybersecurity Act, requires companies that operate critical infrastructure—financial institutions, utilities, and other organizations—to share information with the Cybersecurity and Infrastructure Security Agency (CISA) about certain cybersecurity incidents within 72 hours and ransomware payments to cyber criminals within 24…

In Data Privacy & Security

Data Protection Day – Key developments and looking ahead to 2022

January 27, 2022 by Benjamin Slinn, Dr Michaela Nebel, Florian Tannen, Prof. Dr. Michael Schmidl, Magalie Dansac Le Clerc, Hugo Roy, Dr Lukas Feiler, Beat Koenig, Elisabeth Dehareng, Francesca Gaudino, Radoslaw Nozykowski, Nathalja Doing, Dr. Csaba Vári, Ilay Yilmaz, Can Sozer, Yigit Acar, Anne-Marie Allgrove, Liz Grimwood-Taylor, Dhiraphol Suwanprateep, Manh Hung Tran, Ken Chia, Alex Toh, Jacqueline Wong, Paolo Sbuttoni, Zhenyu "Jay" Ruan, Kensaku Takase, Daisuke Tatsuno, Kellie Blyth, Arjun Patel, Theo Ling, Conrad Flaczyk, Nadia Rauf, Cristina Messerschmidt, Brian Hengesbaugh, Stephen Reynolds, Nick Merker, Harry Valetk, Michael Egan, Gary Hunt, Dominic Panakal, Alex Crowley, Justin Burgess, Daniel Villanueva-Plasencia, Carlos Vela-Trevino, Flavia Rebello, Suha Alwan and Nadine Bosshard 66 Mins Read

Friday 28 January 2022 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2022, our Global Data Privacy and Security Team have provided a roundup of key trends and developments across the globe from a data protection perspective as well as looking ahead to what to expect in 2022. There are new laws and developments to keep…

In Cybersecurity

Apache Log4j Vulnerability

December 22, 2021 by Brian Hengesbaugh, Stephen Reynolds, Dominic Panakal and Cristina Messerschmidt 4 Mins Read

A flaw in a widely used software threatens system security and makes companies vulnerable to cyber threats. The Apache Software Foundation released an advisory that Apache Log4j versions up to and including 2.14.1 has a defect that may allow threat actors to execute arbitrary code and deploy viruses including ransomware on that IT infrastructure. Entities that directly or indirectly leverage this software should act with haste to mitigate the risk of a data incident. These…

In Podcast

Podcast Episode: Log4j – What is it and why does it matter?

December 22, 2021 by Brian Hengesbaugh and Stephen Reynolds 1 Min Read

In this episode of Connect On Tech, your host Brian Hengesbaugh is joined by Stephen Reynolds, data privacy and security partner in our Chicago office, to highlight developing trends surrounding the Log4j security vulnerability. In this episode, you will learn about: Log4j: what it is and why it’s importantWhat organizations should be doing to prepare for and prevent a security eventLegal risks and potential issues associated with this vulnerability https://open.spotify.com/episode/79ufz5Zr1z9MDDrCnbYdEm Want to Learn More?Stay tuned…