Revisiting Data Privacy Compliance Obligations in the Post-GDPR World
In 2018, the General Data Protection Regulation (GDPR), which was the “new” EU-wide data privacy law, replaced the 20-year-old Data Protection Directive and created more individual control over and transparency around companies’ use of personal data. For multinationals, the impact on their compliance culture has been significant. Now, other jurisdictions of the world are playing catch-up. For example, the recently passed California Consumer Privacy Act (CCPA), which will go into effect in January 2020, takes some cues from the GDPR while going even further in places and undoubtedly will result in additional compliance modifications for companies that “do business” in California. The clock is ticking on making the necessary compliance changes – and the risk of noncompliance isn’t worth it. Presenter Scott Galt has more than 15 years of experience as a partner at Armstrong Teasdale and is a Certified Information Privacy Professional with a focus on EU law. He has helped dozens of clients navigate overseas data privacy waters, develop data privacy compliance programs, spot gaps that warrant flexible compliance solutions, and has provided general guidance on limitations and consequences associated with the assessment, auditing, implementation, maintenance, operationalization, recertification and verification of various data privacy programs.
Key Takeaways:
- Enhance your knowledge of cross-border data flows, GDPR, CCPA, and what constitutes personal information
- Gain a deeper understanding of your company’s role in protecting the privacy of your customers and employees and the key steps to achieving compliance
- Appreciate the enhanced individual rights enjoyed under the new law(s) and the legal bases on which companies must rely as they address them
- Examine technical, organizational and practical measures that can mitigate risk to your organizations
- Confront enhanced accountability requirements of the new law(s)
F. Scott Galt
Scott Galt understands that government actions increasingly affect companies involved in the global trade of goods and services. To manage those added risks associated with overseas transactions, Scott handles corporate compliance issues and global transactions for foreign and domestic companies in a wide variety of industries and contexts. His knowledge of local legal requirements, including trade regulations and data privacy laws in many countries, helps organizations enhance their worldwide networks in a cost-efficient manner. As globalization continues to take hold, Scott advises clients on the licensing and regulatory needs related to their international business concerns, including in connection with the Export Administration Regulations (EAR), the International Traffic in Arms Regulations (ITAR), economic sanctions regimes, anti-boycott laws, embargoed country trade, competition law, and anti-bribery laws, such as the Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act. In a similar vein, Scott helps clients navigate cross-border data flows in the wake of the changing data privacy and protection landscape wrought by the EU-US Privacy Shield Framework and the EU General Data Protection Regulation (GDPR). By developing trade, data privacy, competition law, franchise, or FCPA compliance programs, or facilitating the implementation, assessment, and auditing of current programs, Scott can spot problems and provide guidance on their limitations and the attendant consequences.
When a company wants to grow its business, either organically or through acquisition, Scott serves to guide it through the maze of issues associated with their global or domestic expansion. Whether it is corporate formation, entity selection, structure, mergers and acquisitions, cross-border movements, competitive effects, privacy concerns, or disclosure obligations, he works to ensure that each agreement contemplates the appropriate procedures, appreciates jurisdictional nuances, minimizes tax implications and risk, and fulfills the client’s objectives.
Scott also brings the benefits of a commercial litigation perspective to his international and domestic corporate and compliance work, serving as outside general counsel for a number of regional clients for whom he handles a wide variety of high-dollar litigation and corporate disputes. Scott also serves as outside general counsel for a national manufacturing trade association. His litigation experience also includes representing corporate and individual fiduciaries, personal representatives, and beneficiaries in a variety of trust and estate disputes.