On May 16, 2024, the Illinois Legislature passed Senate Bill 2979 (SB2979), clarifying how damages are calculated under the Illinois Biometric Information Privacy Act (BIPA). 740 ILCS 14/1, et seq. This amendment confirms...more
The United States privacy landscape becomes more cluttered by the week. While most of the legal media is focusing on federal legislation coming out of Washington, the most significant privacy development in the United States...more
Given the increasing number of data privacy laws in the U.S., entering into appropriate data processing agreements (“DPAs”) with vendors has now become a critical component of vendor management. It can also be one of the most...more
The pace of privacy developments in 2023 has been breathtaking. Since our recent alert regarding Iowa’s comprehensive data privacy law and Colorado’s finalized rules, there have been a number of key developments in data...more
On March 28, 2023, Iowa became the sixth state to enact a comprehensive consumer privacy law. If the thought of having to comply with yet another state privacy law is causing a sense of panic, fret not. Iowa’s bill is largely...more
The European Union’s General Data Protection Regulation (“GDPR”) marked a turning point in privacy and data protection practices globally and transformed how American companies approach the protection of personal data....more
It’s been a blazing hot summer and privacy professionals have been sweating to keep up with all of the updates from the last few months. We all knew this was going to be a busy year with updating European data transfer...more
The EU and US recently announced that they have reached “an agreement in principle” on a new framework to enable EU-US data transfers following the highly impactful EU ruling that dismantled the prior Privacy Shield...more
State legislative activity kicked off with a frenetic pace in 2022 and it seemed that there would be a number of new comprehensive privacy laws this year. Surprisingly to some, many of those efforts in other states fizzled...more
The responsibilities of privacy professionals continue to grow while resources are increasingly difficult to procure. At the Privacy + Security Forum, the deeply experienced panel of privacy professionals consisting of Ami...more
A discussion between Kilpatrick Townsend Partner Amanda Witt and Nicole Beranek Zanon, founding partner of de la cruz Beranek Rechtsanwälte AG, on the new Swiss Data Protection Act and its impact for U.S. clients....more
9/18/2020
/ Data Collection ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
International Data Transfers ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Switzerland
Efforts to Delay the LGPD Fail -
As noted by our firm earlier this spring, Brazilian authorities have considered delaying the General Personal Data Protection Law’s (“Lei Geral de Proteção de Dados” or “LGPD”) effective...more
Any organization that relies on certification under the EU-U.S. Privacy Shield framework and/or entering into the Standard Contractual Clauses (“SCCs” or “Model Clauses”) to effectuate personal data transfers from the...more
7/22/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses
In response to what could quickly become a very hard winter with COVID-19, the Brazilian Federal Senate approved, on April 4, 2020, the Bill 1.179/2020 (“Regime Jurídico Emergencial e Transitório das Relações Jurídicas de...more
When you rub the magic lamp and are offered three wishes for your digital advertising program, how can you use those wishes to avoid €50,000,000 fines from the French CNIL?
Transparency: You need to disclose clearly the...more
On July 10, 2018, the Brazilian Federal Senate approved a General Data Protection Regulation (“Lei Geral de Proteção de Dados” or “LGPD”). The bill, was largely inspired by the European General Data Protection Regulation...more
On September 13, 2018, the International Section of the Georgia Bar sponsored a presentation entitled “EU GDPR Status Updates – Lessons Learned Since May 25th” at the Atlanta offices of Kilpatrick Townsend & Stockton LLP. The...more
The Argentine Data Protection Authority recently issued a new regulation approving two sets of model contractual clauses (controller-to-controller and controller-to-processor) for the international transfer of personal data....more