Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Bret Cohen

Posts by Bret Cohen
Posted in Data Protection & Privacy Bret Cohen

U.S. Supreme Court Takes Microsoft Corp. v. United States in Law Enforcement Access Row

Last Monday, the Supreme Court granted certiorari in the Microsoft search warrant case, a case in which Microsoft challenged the U.S. government’s right to use the warrant process to obtain certain emails stored overseas.  Some view the upcoming decision as signaling the level of access the U.S. government will have to the growing troves of data U.S.-based technology companies … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russian Data Protection Authority Publishes Privacy Policy Guidance

On 31 July, the Russian data protection authority, Roskomnadzor, issued guidance for data operators on the drafting of privacy policies to comply with Russian data protection law. Russia’s 2006 privacy law – Federal Law No. 152-FZ of 27 July 2006 “On Personal Data” (Personal Data Law) – requires, among other things, that Russian data operators must adopt a privacy policy … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Increases Fines for Violations of Data Protection Laws

On 7 February 2017, the Russian President signed into law a bill (link in Russian) introducing amendments to the Russian Code on Administrative Offences that increases the amount of the fines imposed for violating Russian data protection laws and differentiates the relevant offences’ types. The greatest increase raises maximum fines for certain violations from RUB 10,000 to 75,000 (approx. USD … Continue Reading

Posted in Data Protection & Privacy Julie BrillBret Cohen

Trump’s Executive Order Does Not Impact U.S. Privacy Shield Commitments

Last Wednesday, President Trump signed an immigration-related Executive Order (EO) titled “Enhancing Public Safety in the Interior of the United States” that, among other things, removed the ability of federal agencies to extend protections under the Privacy Act to anyone other than U.S. citizens or legal permanent residents. Some initial observers have suggested that this means that the … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Releases 2017 Data Privacy Inspection Plans; Microsoft Passes 2016 Inspection

At the end of 2016, territorial divisions of the Russian Data Protection Authority, Roskomnadzor, published their 2017 plans for conducting inspections of local companies’ compliance with Russian data privacy requirements, including data localization. The inspection plans contain a number of prominent multi-national and Russian companies.

For instance, the inspection plan of Roskomnadzor’s territorial division for the Russian Central Region includes … Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranBret CohenKatherine Gasztonyi

Details of Legal Challenge to Privacy Shield Revealed

Ever since the first draft of the EU-US Privacy Shield framework was published in early 2016, groups opposed to the idea have indicated their intent to challenge the legality of the framework under EU law. Recently, the privacy advocacy group Digital Rights Ireland (DRI) made good on that promise.  Following the filing of a formal complaint on 15 September asking … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Moscow Court Upholds Ruling to Block LinkedIn in Russia for Non-Compliance with Data Localization Law

In a case with major significance for foreign online businesses that do business in Russia, on Thursday, 10 November the Moscow City Court sustained a lower court ruling that granted the request of the Russian Data Protection Authority (Roskomnadzor) to block access to social network LinkedIn within Russian territory.

As we described in an earlier post, Roskomnadzor brought the … Continue Reading

Posted in Data Protection & Privacy Julie BrillBret CohenEduardo UstaranHarriet Pearson

Privacy Shield Receives Final Approval from European Commission—Some Initial Practical Advice

On 12 July 2016, the European Commission issued its much awaited “adequacy decision” concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S. This adequacy decision is based on the latest version of the Privacy Shield, which was further negotiated and revised following the Article 29 Working Party’s April 2016 concerns with … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Data Localization Update: Results from Regulatory Inspections Clarify Enforcement Approach

We last reported on Russia’s data localization law earlier this year when the Russian data protection authority, Roskomnadzor, released its inspection plan for 2016. Since then, Roskomnadzor has been conducting compliance inspections both according to the plan and in individual cases when it has reason to do so. The results of those inspections and recent comments by the Head … Continue Reading

Posted in Data Protection & Privacy, TMT2020 Harriet PearsonEduardo UstaranBret CohenKatherine Gasztonyi

TMT2020: Inside the New EU-U.S. Data Framework: A Practical Breakdown of the Privacy Shield

EDITOR’S NOTE:  We are excited to present this entry in our new TMT2020 series, which reflects the key technology, media, and telecoms legal issues that are expected to impact today’s organizations and tomorrow’s marketplace.  It also provides an opportunity to highlight contributions by TMT associates across our global offices and practice areas. 

The February 29, 2016 announcement of the new … Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranHarriet PearsonBret CohenKatherine Gasztonyi

First Look: EU–U.S. Privacy Shield

On February 29, 2016, and after more than two years of negotiations with the U.S. Department of Commerce, the European Commission released its draft Decision on the adequacy of the new EU–U.S. Privacy Shield program, accompanied by new information on how the Program will work. The Privacy Shield documentation is significantly more detailed than that associated with its predecessor, the … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaBret Cohen

Russia Releases Data Localization Inspection Plan for 2016

In mid-January, the territorial divisions of Russia’s Data Protection Authority, Roskomnadzor, uploaded their 2016 plans for conducting inspections of local companies’ compliance with Russia’s data localization requirements, and there are a number of prominent multi-national companies on the list.

For instance, the inspection plan of Roskomnadzor’s territorial division for the Russian Central Region (in Russian) contains a number of organizations … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russian Data Localization: Two Months In

We are now almost two months into the era of Russia’s Data Localization Law, which came into force on 1 September.  While some expected immediate enforcement, the Russian Data protection Authority, Roskomnadzor, has not yet taken any action for a violation of data localization requirements.  Last month, Roskomnadzor did take formal enforcement action to block a website and add Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranHarriet PearsonBret Cohen

EU Data Transfers: Considering Your Options After Friday’s Article 29 Working Party Statement

The EU’s Article 29 Working Party issued a statement on Friday on the recent Schrems decision invalidating the adequacy of the EU-U.S. Safe Harbor framework, emphasizing that affected businesses should start to put in place legal and technical solutions in a timely manner to meet EU data protection standards.  The statement gave a January 2016 deadline for companies to come Continue Reading

Posted in Data Protection & Privacy Winston MaxwellHarriet PearsonBret CohenEduardo Ustaran

Safe Harbor Invalidated – What Next?

On 6 October 2015, the Court of Justice of the European Union (CJEU) declared the EU-US Safe Harbor framework invalid as a mechanism to legitimize transfers of personal data from the EU to the US.  This decision effectively leaves any organisation that relied on Safe Harbor exposed to claims that such data transfers are unlawful.

Safe Harbor was jointly devised … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russian Data Localization Law: First Day in Force and Schedule for Compliance Inspections

Today, on 1 September, the Russian Data Localization Law came into force. So far there have been no unexpected developments or reports of any unplanned inspections by Roskomnadzor, the Russian Data Protection Authority.  Existing planning documents, however, provide some predictability for organizations subject to the law about the schedule under which Roskomnadzor plans on conducting compliance inspections.

Roskomnadzor’s plan for … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Update: Regulator Publishes Data Localization Clarifications

The Russian Ministry of Communications, the agency that oversees the Russian data protection authority which will be enforcing Russia’s Data Localization Law, published unofficial clarifications on its website that provide a view into how the Ministry believes organizations must comply with the law. While these clarifications are non-binding, they constitute the only written regulatory guidance that has been published to … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaBret CohenMaria Sedykh

Russian Regulator Publishes Data Localization Clarifications One Month Before Sept. 1 Effective Date, Plus Other Developments

In September 2015 the Russian Data Localization Law will come into force, requiring organizations that collect personal data from individuals located in Russia to store that data within Russian territory. In this blog post, we summarize recent developments on how the law will be applied, including the unexpected publication of regulatory guidance issued by the government this week.

After many … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Natalia GulyaevaMaria SedykhBret Cohen

Russia Data Localization Law Update and Webinar: New Details Emerge from Meetings with Russian Regulator

With the September 2015 effective date of Russia’s Data Localization Law less than six months away, the Russian data protection authority, Roskomnadzor, has still not issued any formal guidance on how it interprets the law’s broad requirement that companies must process and store the personal data of Russian citizens within Russia. Roskomnadzor has, however, recently held a series of meetings … Continue Reading