Jordan FischerJordan L. Fischer Named A 2021 Super Lawyers Rising Star For Third Year In A Row

Jordan L. Fischer Named A 2021 Super Lawyers Rising Star For Third Year In A Row

Jordan L. Fischer, Esq., has been named to the 2021 Pennsylvania Rising Stars list for outstanding lawyers 40 years old or younger or in practice for 10 years or less. This is her third straight year, appearing on this list. Each year, no more than 2.5 percent of the lawyers in the state are selected by the research team at Super Lawyers to receive this honor.

Fischer leads Beckage’s Global Privacy team where she represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy and technology compliance. She practices in several jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

At Beckage, she provides counsel to clients on a wide variety of regulatory requirements, including the General Data Protection Regulation and implementing member state law, the California Consumer Privacy Act, the Fair Credit Reporting Act, the Driver’s Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization 27001 and 27701, the National Institute of Standards and Technology cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard.

Super Lawyers, a Thomson Reuters business, is a rating service of outstanding lawyers from more than 70 practice areas who have attained a high degree of peer recognition and professional achievement. The annual selections are made using a patented multiphase process that includes a statewide survey of lawyers, an independent research evaluation of candidates and peer reviews by practice area. The result is a credible, comprehensive, and diverse listing of exceptional attorneys.

About Beckage
Beckage is a women-owned law firm that focuses on technology, data security, and privacy. Our attorneys counsel clients on matters pertaining to data security and privacy compliance, litigation and class action defense, incident response, government investigations, technology intellectual property, and emerging technologies such as Artificial Intelligence (AI), digital currencies, Internet of Things (IoT) devices, and 5G networks. Beckage has offices from California to New York. Learn more at Beckage.com

                                                                               ###

Contact: Morgan Neal
mneal@beckage.com
585.738.2438

Beckage in the News: Protecting Against Deepfakes

Beckage in the News: Protecting Against Deepfakes

Beckage Managing Director, Jennifer Beckage was quoted in a recent Super Lawyers article, where she detailed the steps businesses can take to protect against becoming a victim of a deepfake scam.

“The first step is educating the board and executive teams that these things can be out there, and be used to cause harm or embarrassment,” she says. “It’s not unusual for an executive to have something like this happen to try to smear or tarnish their reputation.”

She also notes there are tools available to help monitor for deepfakes, like Microsoft Video Authenticator, for example, which analyzes photo and video and gives users a confidence score regarding the validity of the sample. 

And then there’s common sense. “We all should be looking more critically at certain things in certain circumstances,” she says. “For example, if an employee receives a video from the president of their company directing them to wire money, ask, ‘Would the president usually send me a video?’”

Jennifer Beckage, Managing Director, Beckage.

Beckage also commented on the recent FBI warning about the rise of deepfakes, which gave consumers tips on how to spot a deepfake. 

“The agency suggests looking between the eyes—does it seem like there’s too much space? Also, does there seem to be an issue with lip and mouth synchronization?” Further guidance includes looking for strange movement in relation to the head and torso.

“But there’s nothing more important than having an incident-response plan,” Beckage says. “If you have a business continuity plan that walks an organization through a fire or a flood, you should have a plan in place that addresses the unique circumstances of a data-security incident. What we often see is that deepfakes are usually part of something else—they tend to arise in the context of a data breach.”

Jennifer Beckage, Managing Director, Beckage

*Attorney Advertising. Prior results do not guarantee similar outcomes. *

GDPRThe EU Commission Releases the Long-Awaited Updated SCCs for Continued Cross-Border Data Transfers

The EU Commission Releases the Long-Awaited Updated SCCs for Continued Cross-Border Data Transfers

One of the most highly contentious areas under the European Union’s General Data Protection Regulation (“GDPR”) is the cross-border data transfer of Personal Data out of the EU and into other regions, especially the US. Last year, the Court of Justice released its highly anticipated decision, Schrems II, where it invalidated the EU-US Privacy Shield as a lawful mechanism to transfer Personal Data into the US but upheld the continued use of the Standard Contractual Clauses (“SCCs”). However, the Court signaled a heightened tension around the transfer of data, even using the SCCs, from the EU to the US, directing companies to consider whether those transfers would require “supplemental measures” prior to utilizing the SCCs to transfer Personal Data from the EU to the US.

In the wake of that decision, the EU Commission, charged with adopting the SCCs, announced its plans to update the SCCs to align with the Schrems II decision, to generally update the document. To date, the current form SCCs used for cross-border data transfers were adopted under the GDPR’s predecessor, the EU Directive on Data Protection, in 2001.

For the last two decades, companies across the globe leveraged the SCCs to validate the on-going transfers of personal data across many borders. However, with the increasing complexities of technology and multi-party data transactions, the limited form and nature of the SCCs continued to create challenges in leveraging the standard documents to fit varying types of cross-border data transfers. On Friday, June 4, 2021, the EU Commission released its long anticipated updated form of the Standard Contractual Clauses, available here.

The New Form Standard Contractual Clauses

The new SCCs include robust obligations on both importers and exporters of personal data under the GDPR and the Schrems II decision. Further, the new SCCs are intended to provide more flexibility and options for companies to better address the complex nature of data transfers.

The new SCCs also include modules for entities to leverage depending on the relationship between the parties involved in the transfer, i.e., controller to processer; processor to processor; etc.  These changes are intended to further align with modern data transfers and to promote the free flow of data. In the EU Commission Press-Release, Vice-President for Values and Transparency, Vera Jourová emphasized that the SCCs provide a useful tool for the free-flow of data:

“In Europe, we want to remain open and allow data to flow, provided that the protection flows with it. The modernized Standard Contractual Clauses will help to achieve this objective: they offer businesses a useful tool to ensure they comply with data protection laws, both for their activities within the EU and for international transfers. This is a needed solution in the interconnected digital world where transferring data takes a click or two.”

The Impact of the New SCCs

The new SCCs are expected to impact and streamline the process of adopting the appropriate contractual language to allow for the cross-border exchange of personal data. Further, the clauses are intended to align closer to the GDPR requirements, which went into effect in 2018, and the recent Schrems II guidance. Commissioner for Justice, Didier Reynders, emphasized that:

“In our modern digital world, it is important that data can be shared with the necessary protection – inside and outside the EU. With these reinforced clauses, we are giving more safety and legal certainty to companies for data transfers. After the Schrems II ruling, it was our duty and priority to come up with user-friendly tools, which companies can fully rely on. This package will significantly help companies to comply with the GDPR.”

The updated SCCs focus on the following key updates:

  • Align with the GDPR and Schrems II decision;
  • Provide simple and flexible model clauses for international transfers;
  • Include more robust data protection obligations (e.g., requiring importers to allow regular audits upon exporter request); and
  • Allow for third parties to acceded to existing SCCS as data exporter or importer (under the Docking Clause).

Transition to New SCCs

The new SCCs go into effect in approximately 20 days. Businesses leveraging previous versions of the SCCs have 18 months to transition to the new SCCs.

Overall, these new SCCs will allow companies to use contractual agreements in the cross-border transfer of personal data that better align to the increasingly complex nature of these transactions. Further, the new versions come at a critical juncture, when companies are struggling to implement the guidance of Schrems II and continue to leverage data processing in multiple regions around the world.  In the wake of the invalidation of the EU-US Privacy Shield, and heightened challenges with cross-border data transfers, the SCCs demonstrate the EU’s commitment to addressing data protection while continuing to allow the continued data flows out of the EU.

In light of this critical development, Beckage recommends that clients taken immediate steps to evaluate all existing agreements that will need to be updated with the new SCCs.  As stated above, companies will have up to 180 days to amend previously executed DPAs to include the new form SCCs. As such, companies will need to discuss a process to review its previously executed contracts and develop a plan to roll out amendments. Additionally, moving forward, companies will need to leverage the updated form SCCs in all new Data Processing Agreements.

At Beckage, we have a team of highly skilled attorneys certified in comprehensive GDPR knowledge that can help your company work towards compliance and data protection in both Europe and the United States.  Beckage works with clients to review current policies and assess data security practices.  Our team can help implement a plan to address the new SCCs.  

*Attorney Advertising. Prior results do not guarantee future outcomes. 

Subscribe to ourNewsletter