Tag Archives: Shannon Togawa Mercer

Certification Under the EU-U.S. Data Privacy Framework

by Dr. Martin BraunKirk J. Nahra, Tamar Y. PintoShannon Togawa MercerItsiq Benizri, and Valentino Halim

Photos of the authors

Top left to right: Dr. Martin Braun, Kirk J. Nahra, and Tamar Y. Pinto.
Bottom left to right: Shannon Togawa Mercer, Itsiq Benizri, and Valentino Halim.
(Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP)

On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the successor to the EU-U.S. Privacy Shield, which the Court of Justice of the European Union deemed invalid on July 16, 2020. The U.S. Department of Commerce (“DoC”) is charged with administering and monitoring the EU-U.S. DPF program.

On July 17, 2023, the DoC International Trade Administration launched its EU-U.S. DPF website. Companies are now able to review the key requirements for participating organizations, including how to join the program and how to recertify.

Continue reading

Significant Improvements for International Transfers of Personal Data – Adequacy Decision for the New EU-U.S. Data Privacy Framework Adopted by the European Commission

by Dr. Martin Braun, Kirk J. Nahra, Frédéric Louis, Benjamin A. Powell, Anne Vallery, Itsiq Benizri, Valentino HalimAli A. Jessani, and Shannon Togawa Mercer

Photos of the authors

Top left to right: Dr. Martin Braun, Kirk J. Nahra, Frédéric Louis, Benjamin A. Powell, and Anne Vallery.
Bottom left to right: Itsiq Benizri, Valentino Halim, Ali A. Jessani, and Shannon Togawa Mercer.
(Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP)

On July 10, 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (“Adequacy Decision”). This ends a three-year journey to set up a successor to the EU-U.S. Privacy Shield mechanism, which the Court of Justice of the European Union (“CJEU”) deemed invalid on July 16, 2020. U.S. President Joe Biden welcomed the Adequacy Decision, stating that it “will provide greater data privacy protections and economic opportunities.”

The Adequacy Decision concludes that the U.S. provides for an adequate level of protection under the EU’s General Data Protection Regulation (“GDPR”) when personal data of individuals in the European Economic Area (“EEA”) is transferred to U.S. companies certified under the new EU-U.S. Data Privacy Framework.

Continue reading

Federal Agencies Publish New Version of the #StopRansomware Guide

by Benjamin A. Powell, Matthew F. FerraroShannon Togawa Mercer, and Ariel Dobkin

Photos of the authors

From left to right: Benjamin A. Powell, Matthew F. Ferraro, Shannon Togawa Mercer, and Ariel Dobkin (photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP)

On May 23, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a second edition of the #StopRansomware Guide (the Guide). The Guide, first published in September 2020, aims to help organizations reduce the risk of ransomware attacks, and it provides best practices to prevent, detect, respond to, and recover from such incidents. The 2023 version contains updated guidance and best practices in the areas of initial infection vectors, cloud backups, zero trust architecture and ransomware response.

Continue reading