Reports of sophisticated cyberattacks and ransomware threats dominated 2021 headlines, along with evolving state data privacy laws in the absence of comprehensive federal data protection regulation. Cross-border data transfers between the EU and US still lack a clear, streamlined mechanism while national authorities continue to negotiate an EU-US Privacy Shield replacement. The past year also showcased the ongoing cyber risks of remote and hybrid working due to COVID-19 measures and the continued rise of ransomware attacks.

Looking ahead, organizations must keep up with the dynamic and increasing legal obligations governing privacy and data security, understand how they apply, monitor cyber risks and attack trends, and manage their compliance to minimize exposure.

Read our Practical Law article for an overview of the past year’s privacy and data security legal developments and predictions for issue to look out for 2022.