On April 17, the Washington legislature passed the My Health My Data Act (MHMD Act), which includes some of the most restrictive provisions in any U.S. state privacy law....more
This Update highlights some of the international data protection issues that caught our attention and the attention of our clients over the winter, including updates on European data transfers and cookie compliance,...more
3/15/2022
/ Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
International Data Transfers ,
Russia
On November 18, 2021, the European Data Protection Board (EDPB) adopted its new draft guidance on the interplay between Article 3 of the European Union’s General Data Protection Regulation (GDPR) and Chapter V of the same...more
This update highlights some of the international data protection issues that caught our attention, and the attention of our clients, over the summer. Asia-Pacific - China’s Data Security Law and Personal Information...more
On June 4, 2021, the European Union’s (EU) executive branch, the European Commission (EC), released their new Standard Contractual Clauses (SCCs) for compliant cross-border data transfers under the EU’s General Data...more
On March 26, with less than a month left in the Washington Legislature’s 2021 session, the House Civil Rights and Judiciary Committee (CRJC) passed the Washington privacy act (2SSB 5062), with amendments, on a straight...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
3/30/2021
/ Asia Pacific ,
CNIL ,
Cookies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Data Transfers ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Notice Requirements ,
Personal Data ,
Popular ,
Russia ,
South America ,
UK ,
Web Tracking
Risk scenarios and recommendations -
History tells us that unscrupulous actors will exploit any crisis, and COVID-19 is no exception. ...more
After the Washington Privacy Act (“WPA”) failed to pass in 2019, state legislators promised to renew their efforts in the 2020 legislative session....more
The Norwegian Data Protection Authority (DPA) recently announced a €200,000 fine against Oslo’s municipal education agency for several security flaws associated with an app the agency developed for communications between...more
In November 2019, the European Data Protection Board (EDPB) issued its final guidance on territorial scope of the General Data Protection Regulation (GDPR), following release of the draft guidelines in November 2018 and a...more
Along with the California Consumer Privacy Act, the new year brought us a trio of updated breach notification laws, in Oregon, Texas and Illinois. ...more
On Jan. 17, 2019, a new privacy law was proposed in the Washington state Senate. If passed, the Washington Privacy Act would impose far-reaching responsibilities on companies to protect the privacy of “personal data.” ...more
Several weeks ago, South Dakota and Alabama became the final two states to enact data breach notification laws. The Alabama Data Breach Notification Act of 2018 takes effect on May 1, 2018, and imposes information security,...more
Many organizations facing a data-security incident struggle to understand how or why their organization was targeted in an attack. Most simply believe they are too small or too obscure to be targeted by malicious cyber...more
Risk assessments are a fundamental part of any organization’s risk management process. But many organizations still do not incorporate true risk assessments into their information-security planning, even though doing so makes...more