Proskauer has released a white paper on “What Employers Need to Know about Europe’s General Data Protection Regulation.” As you may know, on April 14, 2016, the European Parliament approved the General Data Protection Regulation (“GDPR”), which will replace the EU’s current data privacy standard and begin to

Results from the SEC’s First Round of Cybersecurity Examinations. On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and broker-dealers. The examinations were conducted as part of the OCIE’s cybersecurity examination initiative, announced in April 2014, to assess cybersecurity preparedness in the securities industry and gather information on common practices and trends among registered firms. The OCIE interviewed key personnel and reviewed documents at 49 registered investment advisers and 57 registered broker-dealers. The OCIE’s findings focused on how registered investment advisers and broker-dealers:

  • Identify cybersecurity risks;
  • Establish cybersecurity policies, procedures and oversight processes;
  • Protect their networks and information;
  • Identify and address risks associated with remote access to client information, funds transfer requests and third-party vendors; and
  • Detect and handle unauthorized activities and other cyber-attacks.

Since the Article 29 Working Party on the Protection of Individuals (“WP29”) announced last week that it would it shortly issue a statement on the landmark CJEU ruling invalidating the Safe Harbor Decision (Schrems v. Data Protection Commissioner (C-362- 14)), we have been awaiting their guidance.  Today, the WP29 issued an important statement offering some clarity to companies that, amid the fallout from the decision, have been pondering the question of “What’s next?”