Key takeaways

• “Life moves pretty fast.  If you don’t stop and look around once in a while, you could miss it.” This alert is a roundup of last week’s fast-moving news on cybersecurity and data privacy.
• On February 29, the U.S. Department of Commerce and European Commission released the full draft text of the EU-U.S. Privacy Shield Framework, a mechanism allowing EU companies to comply with EU data protection requirements when transferring data to the United States.
• In its first ever data security enforcement action, the Consumer Financial Protection Bureau took action against Dwolla for misrepresenting its data security practices and failing to adequately protect personal information.
• RSA Conference 2016 took place in San Francisco, featuring speakers in high-level industry and governmental positions who addressed the importance of inter-governmental, inter-agency coordination and public-private partnership in responding to cybersecurity issues.
• In Gobeille v. Liberty Mutual Insurance Company, the U.S. Supreme Court held that a Vermont statute requiring health insurance companies to provide data to the state was preempted by the Employee Retirement Income Security Act of 1974.