Cybersecurity, Privacy, & AI

Trending Now
Doxim Data Breach Settlement Underscores Third-Party Data Security Risk • SASC Proposes Reorganization of Pentagon’s IT, Cyber Leadership • Anthropic Suspends Top AI Models After U.S. Export Control Order • Senate Bill Seeks to Restore Funding for Cyber Information-Sharing Program • CISA Directive Orders Agencies to Prioritize Vulnerability Patching in a New Way
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on January 21, 2020 Cyber

Cybersecurity 2020 – The Year in Preview: New Guidance Continues to Clarify GDPR’s Scope

Cybersecurity 2020 – The Year in Preview: New Guidance Continues to Clarify GDPR’s Scope

Michiru13 | Shutterstock

Foley Hoag looks at the European Union’s General Data Protection Regulation, warning that it has been expensive to comply with, has potentially serious penalties attached to it, and is more broadly applicable than one might assume.

A company falls within the GDPR’s territorial scope in two main situations. The first is when the company processes data in the context of its EU establishment. The second is when the company performs certain processing activities that target data subjects located in the EU. In late 2019, the EU’s lead data protection regulator, the European Data Protection Board, issued its final guidelines on the GDPR’s territorial scope. Enforcement bodies are familiar with them, and companies should be too.

More at Foley Hoag

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.

© PubKGroup 2024