Proskauer is a recognized leader in legal services related to privacy and cybersecurity. Our practice leaders have specialized in this area for twenty years, as far back as the practice area has existed and long before our peer firms entered the space. Moreover, our practice is one of the few that offers the deep expertise of highly specialized lawyers in both corporate transactions and litigation defense – all within the privacy and data security specialization, and in all tiers of seniority.
2. Strength in numbers
Our practice is one of the few that offers the deep expertise of highly specialized
lawyers in corporate transactions, litigation defense and employment law – all
within the privacy and data security specialization, and in all tiers of seniority.
3. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
1996: Health Insurance Portability and Accountability
Act (HIPAA) was passed by Congress.
1996-1999: Early commercialization of the World Wide Web
and e-Commerce.
In early 1997, 51 million adults were online in the U.S. and
Canada. Of those people, 73% reported that they had
shopped for product information on the World Wide Web.
1996: Our lawyers had already specialized in health
care law for many years, and had been tracking this
legislation through Congress. Upon enactment, they
promptly began advising covered entities, preparing
privacy statements and training materials, counseling
on compliance, and negotiating business associate
agreements.
1996-1999: Our lawyers wrote the first Web site Privacy
Policies for corporations venturing onto the Web.
Legacy Web site Privacy Policies had been written by
marketing professionals, designed to assuage consumers’
fears of transacting online. They made overbroad promises
that could be (and were, eventually) enforced legally.
1996
4. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
1998: Deadline for EU
countries to enact laws to
comply with European
Union’s Data Protection
Directive.
1998: Our lawyers were quick to identify
clients who had web sites that were targeted
toward children, and helped them to comply
with COPPA, taking advantage of the law’s
exceptions to reduce the impact on business.
In 2013, when the COPPA regulation was
amended, our lawyers did the same, again,
using creative strategies to reduce the
burdensome impact on legitimate, law-
abiding businesses.
1998: Our lawyers prepared
a multi-volume EU Data
Directive compliance
handbook for a German-
based multinational media
company.
1998: FTC action against
Geocities for making deceptive
privacy promises in its online
Privacy Policy. First FTC
action of its kind.
1998: Children’s
Online Privacy
Protection Act
(COPPA) enacted.
1998: Our lawyers began to
track FTC enforcement actions
on privacy promises, and to
design client privacy policies to
be “judgment-proof” against
FTC theories of action.
1998
5. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2000: Gramm–Leach–Bliley Act
(GLBA) Privacy Rule and Safeguards
Rule passed.
2000: Our lawyers began advising
financial institutions and their service
providers to prepare privacy
statements, craft compliant data
sharing arrangements and negotiate
compliant agreements, addressing
state mini-GLBA laws too.
2000: The U.S. Department of Commerce and the
European Union agreed to a Safe Harbor
Program to allow personal data to be exported
from Europe to the United States in compliance
with EU data protection law.
2000: Our lawyers began to assist clients to make
use of the Safe Harbor program, as one of the
easiest methods of complying with EU data
protection law with respect to exporting personal
information from Europe.
2000
6. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2001: European Article 29 Working Party released first model
contract to enable the export of personal information from
Europe to non-European countries whose laws did not afford
adequate data protection in the eyes of the European data
protection authorities.
2001: Our lawyers began to use these model contracts to
facilitate clients’ export of data from Europe.
When additional forms of model contracts were released in
2002, 2004 and 2010, our lawyers continued to evolve with the
landscape and advise clients to leverage their best options
under European data protection law.
2001
7. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2002-present: Online businesses
seek to monetize the data they
have access to from their
customers for behavioral online
advertising purposes.
2002-present: Our lawyers
represent a national cable and
broadband provider to negotiate
online advertising-related contracts
with key marketplace participants,
including addressing behavioral
advertising issues in contracts and
in implementation.
In 2014, our lawyers represented a
global online behavioral advertising
company to design its programs to
comply with U.S. laws that regulate
online tracking of Internet users.
2002: Our lawyers began to
educate clients, and counsel them
when they suffered data breaches
of sensitive customer or employee
information.
Since this law became effective,
our lawyers have handled dozens
of data breaches per year of all
shapes and sizes.
2002: FTC brought action against Eli Lilly
on data security grounds, deploying the
deceptive trade practices prong of
Section 5 of the FTC Act. This was the
first FTC action of its kind.
2002: California’s Breach
Notification Law was enacted. In
the years there-after, all U.S.
jurisdictions but three have
followed suit.
2002: Our lawyers began to track all
FTC enforcement actions pertaining to
data security, and to craft policies and
procedures for clients that would be
“judgment-proof” against FTC precedent.
2002
8. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2003: U.S. “CAN-SPAM” Act
was enacted, pre-empting ~50
state laws that varied in their
requirements for commercial
email.
Pre-2003: Our lawyers prepared
compliance programs for clients that
brought about compliance with all laws
for one email campaign.
Pre-2003: With no federal anti-spam
law, almost 50 contradictory state laws
and bills regulated a business’ ability to
send promotional emails to its
customers.
2003: Our lawyers wrote the
leading comprehensive White
Paper on the CAN-SPAM Act,
and began preparing internal
compliance procedures for clients
having the effect of reducing the
statutory damages available for
violations of the Act.
In 2015, our lawyers defended a
company whose business is to
send promotional emails for its
clients against a CAN-SPAM suit
that made novel arguments. The
suit resulted in a nominal
settlement amount.
2003: Our lawyers prepared compliance
memos and tables for all types of direct
marketing: e-mail, fax, telemarketing, text
messaging, instant messaging and postal
marketing.
2003
2003: The Federal Communications
Commission issued a decision that the
Telephone Consumer Protection Act
applies to text messages as “calls,” adding to
the suite of state and federal laws regulating
direct marketing, including email,
telemarketing, faxing and text messaging.
In 2009, the 9th Circuit agreed with the
FCC’s determination in Satterfield v. Simon
& Schuster, leading to a $13M settlement.
9. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2005: FTC action against BJs for failing to protect
consumer data from unauthorized access, where they
had not made a promise to protect data. This was the
first FTC action of its kind.
2005: Kristen Mathews, the head of Proskauer’s
Privacy & Cybersecurity practice, received her
certification as an information privacy professional
by the International Association of Privacy
Professionals. Since then, eight of our lawyers
have received their CIPP credentials over the
years.
2005: Our lawyers continued to track all FTC
enforcement actions pertaining to data security, and to
craft policies and procedures for clients that would be
“judgment-proof” against FTC precedent.
In 2003, the International Association of Privacy
Professionals (IAPP) was formed.
2005
10. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2006: The legal specialty of “data privacy law” began to
take stride at other law firms, with some firms beginning
to take interest and launch formal practice groups.
2006: Proskauer lawyers authored and edited the first
comprehensive treatise on the topic of privacy and data
protection, Proskauer On Privacy, published by the
Practicing Law Institute and still updated by Proskauer
lawyers and outside authors two times per year.
Proskauer launched its Privacy Law Blog, which was
since selected for inclusion in the Library of Congress
historic collection of Internet materials.
2006: Assisted luxury auto brand to survey
laws in all 50 states to address privacy
issues with collection, use and sharing of
customer and vehicle usage data from
vehicles remotely.
2006: In 2005, states had begun to enact
laws that regulate the collection of vehicle
and driver information from vehicles.
2006
11. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2007: TJX (of T.J. Max stores) had just
suffered the largest data breach to date, and
cyber insurance policies were in their
infancy, with just a few specialty carriers in
the market.
2007: Our lawyers assisted a specialty
insurance carrier to design its new cyber risk
insurance policy to apply appropriately to the
marketplace.
2007
12. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2008:
Our lawyers began to identify
the key differences between
traditional outsourcing and
cloud services from a data
protection perspective, and
negotiating agreements for
our clients to address those
new and novel issues.
2008:
Chambers & Partners
added a “Privacy and
Data Security” category
to its annual law firm
rankings publication.
2008-2016:
Proskauer’s Privacy &
Cybersecurity Practice
Group has been
Chambers-ranked
since 2008.
2008
2008-2009:
FTC in heat of enforcement
actions against companies
that have suffered data
breaches.
2008-2009:
Our lawyers defended a
private class action and an
FTC action against an
education company that
suffered a security breach.
A favorable settlement of
the private claim was
reached, and the FTC was
dissuaded from pursuing
an action against the
company.
2008:
Cloud computing began to
replace traditional technology
outsourcing arrangements.
13. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2008: The “Red Flags Rule” was passed by the Federal
Trade Commission and banking regulators, requiring
companies to take measures to detect and take action on
detected ID theft.
2008: Our lawyers wrote A Practical Guide To The Red
Flag Rules, published by the Practicing Law Institute.
Our lawyers worked with creditors and financial
institutions to “brainstorm” the indicators detectable to
them of identity theft on their customer accounts and the
appropriate action to take in light of such indicators, and
to design programs around these frameworks.
2008: Assisted developer of
consumer mobile application to
conduct “privacy-by-design” in
development of application and also
prepared App privacy policy.
2008: Mobile Apps began to replace
Web sites as the preferred means of
interacting with customers online.
2008
14. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2009: The Federal Trade
Commission took an expansive
interpretation of the scope of
the Red Flags Rule, by
considering businesses that
accepted payment for services
in arrears to be “creditors”
covered by the rule.
2009: Europe’s e-Privacy
Directive amended to require
web sites to obtain user
consent before using cookies.
2009: Proskauer represented
the American Bar Association
to fight the contention that
lawyers are covered by the Red
Flags Rule. The court agreed,
and found that law firms are not
covered by the regulation.
Following that, Congress
amended the Act to carve-out
more business models from its
scope on the same grounds.
2009: Proskauer represented a major
U.S. bank defending claims arising from
the loss of computer back-up tapes. In a
significant win, the defendants’ motions to
dismiss were granted.
Proskauer also represented the bank in
respect of multiple regulatory
investigations, stemming from the same
data loss, including fashioning an
extremely favorable settlement with a
state attorney general.
2009: Our lawyers developed a
framework to inventory and
categorize cookies based on
compliance obligations and risk,
and derived implementation
plans for clients that were
business-friendly and risk-
based.
2009
2009: Some of the earliest data breach
private actions were waged against
companies that suffered data breaches.
15. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2002-2011: After being on the books but unenforced
since 1990, plaintiffs’ class action lawyers began to
enforce California’s Song Beverly Credit Card
Act, which puts burdens on a retailer’s collection of
customer data at the point of sale.
2002-2011: Our lawyers defended several of the first
class action law suits against retailers under the
Song Beverly Act and negotiated favorable
settlements that were leveraged in future cases
against other retailers defended by other counsel.
To protect other clients from similar class actions,
our lawyers identified each of the states with similar
laws and prepared a risk chart that graphically
illustrated the types of PII requests that could and
could not be made in each state and identified
practical work-around solutions for each state law.
2002 2011
16. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2010: A complex, multi-
party litigation arose
from among the largest
data breaches to date,
suffered by a payment
card processor and
affecting 40M payment
cards. The case was in
the heat of litigation,
approaching settlement.
2010: Proskauer lawyers conducted
“privacy by design” evaluation and
prepared a privacy policy for an online
tool for music, movie, game and other
content distribution service used by
dozens of top technology and
entertainment companies.
2010: Our lawyers represented
a financial services company
against a putative nationwide
consumer class action lawsuit
alleging failure to safeguard
non-public financial
information. The case was
dismissed and the decision
was upheld on appeal.
2010: Private class action law
suits continue to wage against
companies that had suffered
data security breaches.
2010: Regulators from around the world gathered at
the annual assembly of International Data Protection
and Privacy Commissioners in Jerusalem, Israel, and
unanimously passed a resolution recognizing
Privacy by Design as an essential component of
fundamental privacy protection. In 2012, this was
followed by the U.S. Federal Trade Commission’s
recognition of Privacy by Design in its report entitled
Protecting Consumer Privacy in an Era of Rapid
Change – a major validation of its significance.
2010
2010: Proskauer
represented a specialty
cyber security insurance
carrier in overseeing the
defense of its insured
against claims that it
was responsible for one
of the largest payment
card data breaches on
record. The outcome
was a favorable
settlement.
17. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2010: Companies were increasingly being held responsible
by regulators and private claimants for data security
breaches they suffered at the hands of criminal data thieves.
2010: Our lawyers provided comprehensive assessment of
clients’ data security practices, benchmarked findings
against applicable laws, identified practical ways to address
the identified gaps, documented the client’s practices in the
form of written policies and procedures, developed training
materials and conducted a train-the-trainer program to help
the client uniformly communicate the policy.
2010: Plaintiff class action law
suits continue to wage against
companies that have sent text
messages allegedly without
consent in violation of the
Telephone Consumer
Protection Act.
2010: Our lawyers represented a
movie production company in the
defense and settlement of a
putative class action in which the
plaintiff alleged that the company,
through a third-party vendor, sent
nearly 100,000 text messages to
individual consumers without
consent. We reached a favorable
settlement with the plaintiff class,
which the federal district approved.
2010
18. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2010-2016: In 2010, our lawyers
assisted one of the first media
conglomerates to develop a policy
and plan of action to allow employees
to use their personal devices for work
purposes.
In 2012, we assisted a mobile device
management (MDM) solution provider
to create a “state-of-the-art” template
“bring your own device” policy for use
by its customers.
Assisted many companies thereafter
with BYOD policies, as legal analysis
has changed by virtue of the desire to
make BYOD mandatory as a cost-
saving method.
2010: After the term “big data” was coined in 2005 by Roger
Mougalas from O’Reilly Media, corporate America
increasingly looked for ways they could leverage the large
data sets they had accumulated in the ordinary course of their
business.
2010: Our lawyers assisted a nonprofit financial institution in student loan-guaranteeing
business to survey its rights under numerous agreements with students, other lenders and
federal student loan agencies, as well as applicable federal and state laws, to reuse and
disclose student loan information to serve a separate for-profit product offering to schools.
Following that, in 2011, our lawyers assisted a global publisher of business information to
determine the scope of its rights to use information received from auto dealerships about
vehicle sales to create a licensed product containing aggregate sales information without
personally identifiable information, and negotiated agreement with industry group representing
auto dealers to receive necessary rights to data in order to create and sell product.
In 2013-14, our lawyers assisted a global financial institution in the insurance industry to
determine its rights under applicable contracts and federal and state laws to use insurance
policy information received from insurance carriers and their counterparts to provide aggregate
information to all participating carriers, and prepared agreements for use with participants to
procure necessary rights.
2010
2010-2016: In 2010, companies
just began to acquiesce to
employee demands to use their
personally owned devices (instead
of company-issued blackberries)
to access their corporate email
and calendar (BYOD).
19. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2011: Our lawyers
began to carefully craft
disclosures for publicly
traded companies that
accurately reflect risk
and are at par with
disclosures of similarly
situated companies.
2011
2011: Electoral organizations
begin to explore the viability
of online voting in political
elections.
2011: Our lawyers assisted a
not-for-profit organization
with addressing privacy,
data security and online
authentication issues with
regard to an online voting
portal where it was essential
that voters be reliably
authenticated.
2011: SEC releases
guidance for publicly
traded companies to
disclose cybersecurity
risks and breaches on
SEC filings.
2011-2012: Google continues to assume dominance in the
marketplace, to push the boundaries of data protection laws
globally, and to defend numerous privacy-related law suits
and governmental investigations.
2011-2012: Advised global investment firm having large
investment in Google as to Google’s financial exposure under
privacy laws as well as the likelihood of Google suffering a
financial loss under each of the many privacy legal
challenges they faced at the time.
20. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2012: After being on the books but unenforced since 2005, plaintiffs’
class action lawyers began to experiment with California’s Shine the
Light Act, hoping it would be as lucrative for them as some other
privacy laws that provide for statutory damages.
2012: Our lawyers defended among the first of these cases brought,
and using creative arguments and strategy, led the case to dismissal.
Although many class action suits were filed under this law around the
same time against several entities by the same plaintiffs’ counsel, this
was the first substantive ruling by any court and had a pivotal effect
on other pending litigation.
Those cases achieved dismissal too, and no new class action under
this law has been brought since.
2012
21. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2012: Our lawyers prepared comprehensive data breach incident response plan for
national publicly traded car retailer and conducted tabletop incident response exercise for
whole incident response team including presentation of final report to the board.
Since then, our lawyers have presented several cybersecurity tabletop exercises per year,
for companies including an insurance company, a retailer, a residential services provider,
a national health care provider, and a television network.
2012: Companies began to use “tabletop” data breach exercises to train to handle an
actual data breach.
2012
22. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2013-2014: A second wave of data breaches hit retailers
nationwide, targeting point of sale card processing
equipment.
2013-2015: Our lawyers defended a
HIPAA-covered entity in connection
with an inquiry by the Department of
Health and Human Services relating to
a security breach of Protected Health
Information. Ultimately, the OCR was
persuaded not to pursue the action.
2013-2014: Our lawyers assisted one of these retailers to
respond to the breach in compliance with applicable laws
and to mitigate exposure to reputational loss and legal
damages. Managed the client’s response to the data
security breach, including identifying the full nature and
scope of the incident, engaging vendors to provide computer
forensic and credit monitoring services, preparing
notification letters in full compliance with the 46+ state
information security breach laws, and interfacing with state
attorneys general and other government agencies.
2013-14
2013-2015: The Department of Health
and Human Services’ Office of Civil
Rights has ramped up its efforts to
enforce the HIPAA Security Rule
against health care providers that have
suffered data security breaches.
23. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2013-2016: Our lawyers assisted a
global cruise company in crafting an
agreement with a European law
enforcement body to share passenger
information in accordance with
European data protection law.
2013: Our lawyers worked with the
American Civil Liberties Union
(ACLU) in Clapper v. Amnesty
International, a case brought before
the United States Supreme Court
challenging 2008 amendments
made to the Foreign Intelligence
Surveillance Act which essentially
allows the National Security Agency
(NSA) to monitor Americans’
international communications.
2013-2015
2013: Corporations increasingly
leverage technologies that
allow them to track the physical
whereabouts of their personnel
in fleet vehicles and using
smart phones and tablets.
2013-2016: Anti-terrorism law
enforcement bodies worldwide
increasingly seek to receive data from
private companies that help them
track the whereabouts of individuals
on watch lists.
2013: Our lawyers conducted a
50-state survey of laws that
require consent to track the
geographic location of people
using various technologies.
2013: Ed Snowden copied and
leaked classified information from
the National Security Agency
(NSA) revealing the extent of the
U.S. government’s surveillance on
communications of U.S. citizens.
24. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2014
2014:
The International Association
of Privacy Professionals
expands its presence in
Europe. 2014:
SEC released Risk Alert warning
broker dealers and investment
advisors that they will be expected to
have a robust cybersecurity program
in place.
2014:
Electricity companies begin to
explore “smart meters” as a
way to conserve energy.
2014:
Cecile Martin, Special
International Counsel in our
Paris office, was appointed
Chair of the International
Association of Privacy
Professionals KnowledgeNet
for France.
2014:
Our lawyers assisted a
national solar power company
to establish a privacy
program, including customer-
facing privacy notices, to
address privacy issues raised
by collecting highly granular
information about household
occupancy and habits from
residential smart meters.
2014:
Our lawyers immediately
began to counsel broker dealers,
investment advisors, hedge funds,
and private equity firms about the
SEC’s cybersecurity mandate and
how they can prepare to meet the
SEC’s expectations of them with
regard to cybersecurity.
25. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2015: An increasing
trend evolved of so-
called data security
consultants detecting
security vulnerabilities
in technology products
and reporting them to
the company and to
government
authorities.
2015: Our lawyers
represented a medical
software company in
an investigation by the
Federal Trade
Commission against a
doctor practice
management software
vendor relating to an
alleged security
vulnerability in its
software product.
2015: Proskauer represented
T-Mobile in connection with the
widely-publicized data breach of
millions of its customers’
information housed by its vendor,
Experian.
2015
2015: Our lawyers
successfully defended a
high end fashion house in a
Fair and Accurate Credit
Transactions Act (FACTA)
litigation alleging that the
retailer failed to redact credit
card expiration dates from
customer receipts. Our
motion to dismiss the case
was granted.
2015: Our lawyers
immediately began to
assist clients to decide
upon and put in place
alternative means to
export and receive
personal information from
Europe.
2015: After years of enforce-
ment by plaintiffs class
action lawyers reaping the
benefit of statutory
damages, plaintiffs’ counsel
are still suing retailers under
FACTA for including too
much payment card
information on printed sales
receipts.
2015: Increasingly over the 10+
years since data breaches have
been reported publicly, data
breaches are being caused by
service providers who are hired
by a company to serve a back-
end function.
2015: A European court
invalidated the Safe
Harbor program, which
has allowed personal
data to be transferred
from Europe to the United
States for the last 15
years.
26. How Proskauer addressed itHow Proskauer addressed it
How Proskauer addressed it
Historical Development of Privacy and Data Protection Law
We’ve been at it from the start…
1995 20162000 2005 2010
2016:
Europe passed its new General Data Protection
Regulation (GDPR) which will replace its twenty-
year-old Data Protection Directive and be directly
effective on companies worldwide by 2018.
2016:
Our lawyers began to counsel clients on the
changes they would need to make in order to
become compliant with the new regulation by 2018.
2016