Linda Priebe CIPP/E, partner in Culhane Meadows’ DC office will be speaking at “Inside Job 3 – Risks, Threats, and Innovations” presented by The GreenHouse Group LLC on August 25th in Rosslyn, VA. The conference brings together top cyber experts in government and the private sector to share information regarding improving cyber security and mitigating cyber breaches. This is a great opportunity for attendees to learn how to better protect their information systems and network, share ideas, pitch products and services to investors, buyers, and business partners.
Ms. Priebe will be speaking about new EU data protection reforms for US companies going into effect on May 25, 2018. Massive reforms of the EU data protection laws that apply to US companies with penalties up to 20 million euros or 4% of global sales (including subsidiaries) whichever is higher, continue to be enacted at a breakneck pace. EU member states are enacting new implementation guidance and laws almost daily and regulators are nearly doubling their enforcement staffs. The updated EU laws apply to companies worldwide ranging in size from micro to massive who have customers, prospective customers, employees, equipment, and/or service providers located in the EU regardless of citizenship.
Despite increasing warnings from EU data protection authorities to companies worldwide, including small and medium enterprises, the majority of US companies are not updating their data collection, management, use, storage, sharing, security and policies, practices, contracts and systems in time to prevent EU enforcement actions before the new laws go into effect on May 25, 2018.
The reformed EU data protection laws even apply to US companies without EU locations or customers in the EU of their own, but whose business customers use their products/services to interact with EU customers, prospective customers and/or employees. This is especially applicable to telecom and digital communications companies, as well as internet service, cloud storage, software as a service (SaaS), digital marketing and ad tech, healthcare, HR, and online retail platform providers, as well as nearly every other industry sector.
The new EU laws include the General Data Protection Regulation (GDPR) and draft ePrivacy Regulation (former EU “Cookie Law”). Both are scheduled to take effect on May 25, 2018, without the need for adoption by member states and have global jurisdiction. In addition to individuals located in the EU (regardless of citizenship) the draft ePrivacy Regulation also authorizes EU member states to protect the data of companies located in the EU if the member state chooses to. Personally identifying information protected under EU law is also much broader than is common in the US and includes email addresses, IP addresses and device IDs.
Additional presenters include:
- Karen Jackson, Secretary of Technology, Commonwealth of Virginia
- Steven Hernandez, Chief Information Security Officer, HHS
- Amy Apostol, Special Counsel, National Background Investigations Bureau, OPM
- Mark Wine, Senior Advisor, Department of Veterans Affairs
- Archana Vemulapalli, CTO for the District of Columbia
- Thomas Barnard, Partner, Baker, Donelson, Bearman, Caldwell and Berkowitz
- Tim Keogh, Vice President, Sandy Spring Insurance
Attendees are eligible for CIPP credit from the International Association of Privacy Professionals, www.IAPP.org , including for the EU (a rare opportunity in the US). More information and registration is available here: https://ghgpresents-insidejob.swoogo.com/InsideJob3
In addition to being a Certified Information Privacy Professional for EU law, Ms. Priebe is former Deputy General Counsel and Ethics Official in White House Offices under three presidents and counsel in a dozen winning cases before the U.S. Supreme Court. Linda assists telecom communications companies, Internet and SaaS providers, digital and social media advertising and marketing firms, software and mobile application developers, Internet retailers, employers, and global businesses in complying with EU and US laws governing data privacy and security.
This Blog/Web Site is made available by Culhane Meadows, PLLC and its attorneys for educational purposes only and to provide general information about the law—not to provide you specific legal advice. By using this Blog/Web Site you understand that there is no attorney client relationship between you and any Culhane Meadows attorney. This Blog/Web Site should not be used or relied upon as a substitute for competent legal advice from a licensed professional attorney in your jurisdiction. Also, please note that although this Blog/Web Site is made available on the Internet, Culhane Meadows attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.