Kelly Hagedorn

1 month ago | jdsupra.com | Paul Greaves |Kelly Hagedorn

On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK to continue until December 2025. The existing adequacy decision – which was adopted in 2021 in light of the UK’s departure from the European Union – is currently due to expire on June 27, 2025.

Dec 31, 2024 | jdsupra.com | Kelly Hagedorn

The United Kingdom’s National Cyber Security Centre (NCSC) has released its Annual Review for 2024. As in prior years, the report covers the UK’s cyber security position, both in terms of threats to the public and private sectors, as well as the country’s readiness to deal with those threats. Unsurprisingly, the NCSC notes that the greatest nation state sponsored threats to the UK emanate from China, Russia, Iran and North Korea.

Oct 21, 2024 | jdsupra.com | Kristen Bartolotta |Kelly Hagedorn

In the July 2024 King’s Speech, the UK government announced its intention to introduce a Cyber Security and Resilience Bill (the “Bill”) to improve the UK’s cyber defenses and protect essential public services. The announcement comes as companies and countries increasingly face attacks by cyber criminals and state actors, sometimes disrupting public services and infrastructure.

Oct 18, 2024 | jdsupra.com | Kelly Hagedorn |Wim Nauwelaerts |Alice Portnoy

EU Member States had until today, October 17, 2024, to transpose the Network and Information Security (NIS) 2 Directive into their national laws. As Directives are not directly applicable in EU Member States, the EU legislator required all 27 Member States to incorporate into their local laws the requirements of NIS 2 and to make them binding on covered entities within their jurisdiction. However, a large number of EU Member States have missed the transposition deadline.

Oct 14, 2024 | jdsupra.com | Kelly Hagedorn

On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised application of the EU GDPR across the European Economic Area (“EEA”) and is comprised of the heads of the data protection authorities in each EEA state, as well as the European Data Protection Supervisor.