As state legislatures begin their 2020 sessions, proposals for stronger privacy laws are at the top of the agenda across the country. Carrying forward the story we told in reports in February, April, and July of last year,...more
2/4/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Personal Information ,
Privacy Laws ,
Proposed Legislation ,
State Data Privacy Laws
In recent months, the Office of the Information Commissioner of the UK (“ICO”) has been looking into how personal data is used in real time bidding (“RTB”) in programmatic advertising, involving key stakeholders, including in...more
On May 1, 2019, the Senate Commerce Committee held a hearing on “Consumer Perspectives: Policy Principles for a Federal Data Privacy Framework”—the Committee’s third hearing during this session discussing principles for...more
5/7/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Congressional Investigations & Hearings ,
Consumer Privacy Rights ,
Data Privacy ,
Data Protection Authority ,
Enforcement Authority ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Preemption ,
Privacy Laws ,
Regulatory Authority
Since our February 20, 2019 report on privacy bills moving through state legislatures around the country, four new bills modeled on the California Consumer Privacy Act (CCPA) have been introduced—in Connecticut, New York,...more
The enactment in June 2018 of California’s sweeping new privacy law, the California Consumer Privacy Act (CCPA), has both increased momentum for enactment of a general federal privacy law and spurred state legislatures to...more
The enactment in June 2018 of California’s sweeping new privacy law, the California Consumer Privacy Act (CCPA), has both increased momentum for enactment of a general federal privacy law and spurred state legislatures to...more
2/20/2019
/ California Consumer Privacy Act (CCPA) ,
Congressional Intent ,
Congressional Investigations & Hearings ,
Corporate Counsel ,
Covered Entities ,
Federal Trade Commission (FTC) ,
GAO ,
General Data Protection Regulation (GDPR) ,
NIST ,
Personal Data ,
Privacy Laws ,
Proposed Legislation ,
Public Hearing ,
Trade Associations
The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor, adopted its report on the second annual review of the...more
2/4/2019
/ Court of Justice of the European Union (CJEU) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Information Reports ,
International Data Transfers ,
National Security ,
Personal Data ,
Surveillance ,
Transparency ,
US-EU Safe Harbor Framework
On June 28, 2018, California enacted the California Consumer Privacy Act of 2018 (CCPA), a sweeping privacy law that provides consumers with broad notice, access, and deletion rights concerning many types of personal...more
7/3/2018
/ Cybersecurity ,
Data Breach ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
Governor Brown ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
New Regulations ,
Personal Data ,
Privacy Laws ,
Private Right of Action ,
Statutory Damages
This is the inaugural issue of WilmerHale’s 8-in-8 Recent Trends in European Law and Policy Alert Series. Over the next eight weeks, our attorneys will share insights on current and emerging issues affecting companies doing...more
5/31/2018
/ Cybersecurity ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Multinationals ,
Personal Data ,
Popular
This is the inaugural issue of WilmerHale's 8-in-8 Recent Trends in European Law and Policy Alert Series. Over the next eight weeks, our attorneys will share insights on current and emerging issues affecting companies doing...more
Brexit raises critical issues regarding the future transfer of personal data outside of the EU, not least as to the role of the UK Data Protection Authority, the Information Commissioner’s Office (“ICO”), and as to its...more
11/22/2017
/ Binding Contractual Rules ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Member State ,
Personal Data ,
Popular ,
UK ,
UK Brexit ,
UK Data Protection Act
On October 18, the Article 29 Working Party released its draft of “Guidelines on Personal data breach notification under Regulation 2016/679” (“Guidelines on Personal data breach notification,” WP250). The guidelines are not...more
On October 18, the Article 29 Working Party released its draft of “ Guidelines on Automated individual decision-making and Profiling for the Purpose of Regulation 2016/679” (“Guidelines on Automated individual decision-making...more
The UK Information Commissioner’s Office (ICO) continues to play an active role in shaping data protection law in the EU, notwithstanding the UK’s decision to leave the EU in the aftermath of Brexit. On April 6, 2017, the ICO...more
On February 6, 2017, the FTC and New Jersey Attorney General and Department of Consumer Affairs filed a Complaint and Stipulated Order for Permanent Injunction and Monetary Judgment against television manufacturer VIZIO,...more
The European Commission formally adopted the EU-US Privacy Shield on July 12, 2016, ending months of legal uncertainty with a new framework for governing transatlantic data transfers after the Privacy Safe Harbor framework...more
7/13/2016
/ Data Protection Authority ,
Data Retention ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Privacy Policy ,
Self-Certification ,
Surveillance ,
Third-Party ,
U.S. Commerce Department
After months of back and forth, an updated version of the EU-US Privacy Shield agreement originally announced in February is on the verge of being formally adopted on Tuesday, July 12, 2016. While the final documents...more
A mobile device’s geolocation can be passed to apps and ad networks through various application programming interfaces (APIs) provided by Android or iOS, but there are other ways to determine a consumer’s location using...more
On Monday, February 29th, the European Commission and U.S. Department of Commerce released a collection of documents summarizing actions taken on both sides of the Atlantic to implement the new Privacy Shield framework. This...more
3/2/2016
/ Article 29 Working Group ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Self-Certification ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
On December 15, 2015, the European Union reached an agreement on the final text of the new General Data Protection Regulation. The Regulation will replace the 1995 Data Protection Directive, which is currently the basis for...more