Efforts to coordinate and enhance cybersecurity across the
European Union ("EU") have taken a step
forward with the publication on 19 July 2016 of the new Network and
Information Security Directive (2016/1148/EU) (the
"Directive") in the Official Journal of
the European Union.
The key objectives of the Directive are: (1) to introduce a set
of minimum cybersecurity standards for network and information
systems maintained by operators of essential services and digital
service providers; (2) to ensure each Member State has in place
strategies and resources relating to cybersecurity; and (3) to
enhance cooperation amongst EU Member States for the prevention,
detection and response to cyber-attacks. The Directive will have a
direct impact on organisations that fall within the categories of
"operators of essential services" and "digital
service providers" both of which are given a particular
meaning by the Directive.
Member States will have until 9 May 2018 to transpose the
Directive into their national laws.
Mayer Brown is a global legal services provider
comprising legal practices that are separate entities (the
"Mayer Brown Practices"). The Mayer Brown Practices are:
Mayer Brown LLP and Mayer Brown Europe – Brussels LLP, both
limited liability partnerships established in Illinois USA; Mayer
Brown International LLP, a limited liability partnership
incorporated in England and Wales (authorized and regulated by the
Solicitors Regulation Authority and registered in England and Wales
number OC 303359); Mayer Brown, a SELAS established in France;
Mayer Brown JSM, a Hong Kong partnership and its associated
entities in Asia; and Tauil & Chequer Advogados, a Brazilian
law partnership with which Mayer Brown is associated. "Mayer
Brown" and the Mayer Brown logo are the trademarks of the
Mayer Brown Practices in their respective
Mayer Brown article provides information and comments on legal
issues and developments of interest. The foregoing is not a
comprehensive treatment of the subject matter covered and is not
intended to provide legal advice. Readers should seek specific
legal advice before taking any action with respect to the matters
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In light of the much anticipated ICO draft GDPR (the General Data Protection Regulation) Consent Guidance being published yesterday, 2 March 2017, we will be running a mini-series on the guidelines under consultation and the impact the GDPR will have on the much vexed position of consent and the impact on your business.
The first of our four discussions on the ICO guidelines for Consent will focus on the meaning of consent under the GDPR (General Data Protection Regulation) and how this change enhances the previous law on consent to data processing.
The fourth and final part of our mini-series on the draft ICO guidance on Consent, published on 2 March 2017, focuses on the practical impact the GDPR (General Data Protection Regulation) will have on how your organisation records and manages consent.
A fundamental aspect of all fair and lawful processing of personal data under the current data protection rules is the requirement for the party who is the data controller to meet one or more conditions ("the conditions for processing").
The second in our mini-series on the ICO guidance on Consent, published on 2 March 2017, focuses on how the changes to be introduced by the GDPR (General Data Protection Regulation) will impact upon your business and what you can do to pre-empt the changes before their introduction in May 2018.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).