As January 2025 privacy strategy planning ramps up this fall, our Privacy, Security, & Artificial Intelligence team has put together a planning alert for 2024–2025. In this installment, we review the following nine state...more
Kentucky - On April 4, 2024, Kentucky joined the growing number of states to enact data privacy legislation, becoming the third state to do so in 2024 and the fifteenth state overall at the time of enactment....more
Challenges may arise when conducting an internal investigation related to an underlying disclosure by a whistleblower pursuant to the EU Directive, because companies must strictly comply with the GDPR. Failure to comply with...more
يُعد نظام حماية البيانات الشخصية (النظام) أول نظام شامل لحماية البيانات في المملكة العربية السعودية. من المتوقع أن تبدأ الهيئة السعودية للبيانات والذكاء الاصطناعي (الهيئة) في الإنفاذ الكامل للنظام اعتبارًا من 14 سبتمبر 2024،...more
In late 2021, the Quebec legislature passed “The Privacy Legislation Modernization Act” or Law No. 25 (“Law 25”), which was designed to modernize and make significant changes to Quebec’s existing privacy framework....more
Startups face unique challenges that can impact their success and sustainability. Obstacles such as financial constraints (inadequate funding or limited cash flow) and resource constraints often result in small teams having...more
Texas Governor Greg Abbott signed into law the Texas Data Privacy and Security Act (TDPSA) on June 18, 2023. With the passage of TDPSA, Texas becomes the tenth state to adopt a consumer data privacy law. TDPSA passed the...more
The collection of personal data by organizations in the sports industry creates unique data privacy challenges. Generally, a business-to-consumer organization is focused on the personal data of its customers and separately...more
As data privacy regulations have become increasingly commonplace in the last decade, organizations have had to strategically assess how they collect, process, store, and sell consumer data. To better equip themselves for this...more
The first major consumer-focused privacy regulation in the U.S., the California Consumer Privacy Act (CCPA), came into effect on January 1st, 2020, which seems like a lifetime ago. Now it’s April 2022, and there are several...more
Here are five things you should know about Google Analytics, transfers and Schrems II. 1. Down to Middle Earth We Go Brush up on your J.R.R. Tolkien because Datatilsynet in its new guidance on cloud providers, says you...more
The California Office of Attorney General (OAG) is responsible for enforcing the CCPA and began sending notifications of alleged non-compliance to companies on July 1, 2020. Almost a year later, in June of 2021, the OAG...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the National Institute of Standards and Technology's four principles of the "explainability" of artificial intelligence and the U.K. Information...more
Following the outbreak of COVID-19, organizations have been implementing exceptional measures to maintain "business-as-usual" to the extent allowed by their particular circumstances and to protect their employees, customers...more
Report on Supply Chain Compliance 3, no. 5 (March 5, 2020) - On Feb. 3, Facebook Inc. informed the Irish Data Protection Commission (DPC) that it would be rolling out a new dating service Feb. 14. The DPC was concerned about...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed replacing the main pre-GDPR legislation...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated in addition to new legislation being...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Slovenia is in the process of adopting new legislation (the “Draft Law”)....more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? The main national pre-GDPR act on data privacy has been revoked, whereas...more