On July 5, 2018, the EU Parliament passed a non-binding resolution encouraging the European Commission to suspend the EU-US Privacy Shield Program unless the US is fully compliant by September 1, 2018.  The EU Parliament believes that the current Privacy Shield program does not provide an adequate level of protection required by European law.  This comes roughly two years after the European Commission deemed the EU-US Privacy Shield Framework adequate to enable data transfers under EU law.  But a lot has changed in two years. 
Continue Reading EU Commission Recommends Suspension of Privacy Shield; Recent FTC Efforts May Be Too Little Too Late

You could almost hear the cheers of plaintiffs’ class action lawyers in California last night, as California’s governor signed the most sweeping privacy law this country has seen to date.  Notably, the law gives consumers the right to statutory damages in the event of a breach if the company holding the consumer’s information failed to implement reasonable security measures.  Those statutory damages are not less than $100 and not more than $750 “per consumer per incident or actual damages, whichever is greater.”
Continue Reading California Gets Its Very Own GDPR with Statutory Damages