General Data Protection Regulation

Seyfarth Shaw Offers Data Privacy & Protection in the EU-U.S. Desktop Guide and On-Demand Webinar Series

On May 25, 2018, the EU General Data Protection Regulation (“GDPR”) will impose significant new obligations on all U.S. companies that handle personal data of any EU individual. U.S. companies can be fined up to €20 million or 4% of their global annual revenue for the most egregious violations. What does the future passage of GDPR mean for your business?

Seyfarth’s eDiscovery and Information Governance (eDIG) and Global Privacy and Security (GPS) practitioners are pleased to announce the release of Data Privacy & Protection in the EU-U.S.: What Companies Need to Know Now, which describes GDPR’s unique legal structure and remedies, and includes tips and strategies in light of the future passage of the GDPR.

How to Get Your Desktop Guide:

To request the Data Privacy & Protection in the EU-U.S. Desktop Guide as a pdf or hard copy, please click the button below:

GDPR Webinar Series

Throughout August and October of 2017, Seyfarth Shaw’s attorneys provided high-level discussions on risk assessment tools and remediation strategies to help companies prepare and reduce the cost of EU GDPR compliance. Each segment is one hour long and can be accessed on-demand at Seyfarth’s Carpe Datum Law Blog and The Global Privacy Watch Blog.

For updates and insight on GDPR, we invite you to click here to subscribe to Seyfarth’s Carpe Datum Law Blog and here to subscribe to Seyfarth’s The Global Privacy Watch Blog.

Cross-posted from Carpe Datum Law

On May 25, 2018, the EU General Data Protection Regulation (“GDPR”) will impose significant new obligations on all U.S. companies that handle personal data of any EU individual. U.S. companies can be fined up to €20 million or 4% of their global annual revenue for the most egregious violations. What does the future passage of GDPR mean for your business?

Our experienced eDiscovery and Information Governance (eDIG) and Global Privacy and Security (GPS) practitioners will present a series of four 1-hour webinars in August through October of 2017. The presenters will provide a high-level discussion on risk assessment tools and remediation strategies to help prepare and reduce the cost of EU GDPR compliance. Continue Reading Is your organization ready for the new EU General Data Protection Regulation?

shutterstock_291401912On May 25, 2018, the EU General Data Protection Regulation (GDPR) will come into effect requiring companies that process personally identifiable information of EU residents to comply with a significant number of enhanced data-protection requirements. One of these requirements is an individual’s “right to explanation” of an algorithmic decision made about him or her by a machine.

This right will affect companies that monitor the behavior of European residents for the purposes of data-subject “profiling” that produces legal effects or significantly affects the natural persons whose personal information is being collected and analyzed. This includes “profiling” that consists of any form of automated processing of personal data evaluating the personal aspects relating to a natural person, in particular to analyze or predict aspects concerning the data subject’s performance at work, economic situation, health, personal preferences or interests, reliability or behavior, location or movements.

Article 13 of the GDPR will require data controllers collecting personal information to inform data subjects of the existence of automated decision-making, including profiling, and, in certain cases, to provide “meaningful information about the logic involved,” as well as significance and consequences of such processing. Article 22 of the GDPR states that data subjects shall have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects.

The GDPR will carry hefty fines that will be based on case-specific multi-factor analysis. Depending on the type of infringement, GDRP violators can be fined up to €10 – €20 million, or up to 2% – 4% of total worldwide annual turnover, whichever is higher.