In this month’s Privacy & Cybersecurity Update, we review the TSA’s new cybersecurity requirements for critical U.S. infrastructure, the White House OMB’s new guidance on cyber incident reporting procedures and the U.S.-U.K....more
In this month’s Privacy & Cybersecurity Update, we examine the FBI’s warning to companies regarding cyberattacks targeting confidential M&A activity, as well as the Cybersecurity and Infrastructure Security Agency’s directive...more
12/1/2021
/ Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
FBI ,
International Data Transfers ,
Ransomware ,
Robocalling
Two new Chinese laws dealing with data security and privacy came into force in the fall of 2021 that are likely to have an impact on many multinational companies operating in China or whose operations touch China. These two...more
11/4/2021
/ Algorithms ,
Artificial Intelligence ,
China ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
International Data Transfers ,
Personal Information ,
Personal Information Protection Law (PIPL)
In this month’s edition of our Privacy & Cybersecurity Update, we examine the FTC’s changes to the Gramm-Leach-Bliley Act’s Safeguards Rule and the CFPB’s order requiring six tech companies to disclose information regarding...more
11/2/2021
/ Consumer Financial Protection Bureau (CFPB) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
GEICO ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Multidistrict Litigation ,
Putative Class Actions ,
Safeguards Rule
In this month’s edition of our Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency's public comment period for the California Privacy Rights Act, the U.K. government's public consultation...more
10/4/2021
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Fourth Amendment ,
General Data Protection Regulation (GDPR) ,
Office of Foreign Assets Control (OFAC) ,
Personal Information ,
Public Comment ,
Surveillance
In this issue of UK Employment Flash, we examine the latest employment law developments from the UK, including the law governing the return to the workplace and flexible working requests and a proposal to impose a duty on...more
9/24/2021
/ Anti-Harassment Policies ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Diversity ,
Diversity and Inclusion Standards (D&I) ,
Employee Privacy Rights ,
Employer Liability Issues ,
European Economic Area (EEA) ,
Financial Conduct Authority (FCA) ,
Flexible Work Arrangements ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
International Labor Laws ,
Public Consultations ,
Sexual Harassment ,
Standard Contractual Clauses ,
UK ,
Vaccinations ,
Workplace Safety
In this month’s edition of our Privacy & Cybersecurity Update, we examine FINRA’s report on cloud computing, Connecticut’s new safe harbor for companies following certain cybersecurity protocols and a district court dismissal...more
9/1/2021
/ China ,
Cloud Computing ,
Communications Decency Act ,
Consultation Periods ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Financial Industry Regulatory Authority (FINRA) ,
International Data Transfers ,
Safe Harbors ,
Section 230 ,
Securities Regulation
In this month’s edition of our Privacy & Cybersecurity Update, we examine cybersecurity guidance issued by New York state, and the Cybersecurity and Infrastructure Security Agency’s new “Bad Practices” website outlining what...more
8/3/2021
/ Best Practices ,
California Consumer Privacy Act (CCPA) ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NYDFS ,
Popular ,
Ransomware
In this month’s edition of our Privacy & Cybersecurity Update, we examine the European Commission’s new Standard Contractual Clauses and the European Data Protection Board’s new recommendations on international data flows. We...more
7/9/2021
/ Computer Fraud and Abuse Act (CFAA) ,
Cybersecurity ,
Data Protection ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Popular ,
Ransomware ,
Schrems I & Schrems II ,
State Privacy Laws
In this month's edition of our Privacy & Cybersecurity Update, we examine the Second Circuit's ruling allowing standing for increased risk of identity theft following a data breach, the European Commission's recently released...more
5/3/2021
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Labor (DOL) ,
EBSA ,
EU ,
European Commission ,
IN Supreme Court ,
Ransomware
In this month’s edition, we examine California’s new regulations enhancing opt-out rights in the California Consumer Privacy Act and the state's selections for the California Privacy Protection Agency’s inaugural board. We...more
4/2/2021
/ California Consumer Privacy Act (CCPA) ,
Commercial General Liability Policies ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
FDCPA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Opt-Outs ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
State Attorneys General ,
State Privacy Laws ,
TCPA
Brexit has raised many questions regarding the future of data protection and digital trade. Whilst the UK’s incorporation of the General Data Protection Regulation (GDPR) into domestic law in January 2020 eased some...more
3/5/2021
/ Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Standard Contractual Clauses ,
UK ,
UK Brexit
In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
2/4/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Digital Services ,
Draft Guidance ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
NIST ,
Popular ,
Privacy Policy
On November 10, 2020, the European Data Protection Board (EDPB) adopted its long-awaited recommendations on (1) measures that supplement transfer tools to ensure transfers of personal data outside the European Economic Area...more
12/3/2020
/ Cybersecurity ,
Data Protection ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In this month’s edition of our Privacy & Cybersecurity Update, we examine the passage of the ballot initiative that enacts the California Privacy Rights Act, the U.K. Information Commissioner’s Office’s final guidance on data...more
12/2/2020
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In this month's edition of our Privacy & Cybersecurity Update, we examine the U.S. Treasury's advisories regarding the role of financial intermediaries in ransomware payments, a ruling by the Israeli data protection authority...more
11/3/2020
/ British Airways ,
California Consumer Privacy Act (CCPA) ,
Court of Justice of the European Union (CJEU) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
Financial Institutions ,
FinCEN ,
International Data Transfers ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
State Attorneys General ,
Surveillance
Open banking is an important driver of the fintech revolution. Regulators have recognised open banking as a means of introducing competition and innovation in the banking sector. Likewise, fintechs are seizing the...more
10/28/2020
/ APIs ,
Banking Sector ,
Banks ,
Basel Committee on Banking Supervision (BCBS) ,
Consent ,
Cybersecurity ,
Data Protection ,
EU ,
European Economic Area (EEA) ,
Financial Institutions ,
FinTech ,
General Data Protection Regulation (GDPR) ,
Monopolization ,
Open Banking ,
Popular ,
PSD2 ,
Regulatory Standards ,
Risk Management ,
Third Party Purchaser (TPP)
In this month's edition, we examine the Swiss data protection authority's comments on the validity of its data-sharing framework with the U.S., as well as the European Data Protection Board's guidance on joint controllers and...more
10/10/2020
/ Biometric Information Privacy Act ,
Class Action ,
Constitutional Challenges ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Protection Authority ,
European Data Protection Board (EDPB) ,
International Data Transfers ,
Joint Control ,
Metadata ,
National Security Agency (NSA) ,
New Guidance ,
Outer Space ,
Personally Identifiable Information ,
Popular ,
Presidential Memorandum ,
Privacy Laws ,
Social Media ,
Swiss Privacy Shield ,
Trump Administration
In this month's edition of our Privacy & Cybersecurity Update, we examine the National Institute of Standards and Technology's four principles of the "explainability" of artificial intelligence and the U.K. Information...more
9/1/2020
/ Anti-Drone Technology ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Drones ,
EU-US Privacy Shield ,
FCC ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Final Rules ,
International Data Transfers ,
NIST ,
Office of Administrative Law ,
Personal Information ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
UK ,
UK ICO
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
8/6/2020
/ Automotive Industry ,
Binding Corporate Rules ,
Broadband Privacy Rules ,
Connected Cars ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Economic Loss Doctrine ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
First Amendment ,
Free Speech ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Insurance Industry ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
Misrepresentation ,
Negligence ,
NYDFS ,
Online Platforms ,
P2B ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Schrems I & Schrems II ,
Security Breach ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
UK ,
UK Data Protection Act ,
United Nations
In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's final regulations for the California Consumer Privacy Act and a ruling by the Indiana Court of Appeals involving...more
7/6/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Constitutional Challenges ,
Consumer Fraud ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
EU ,
Popular ,
Privacy Laws ,
Ransomware
In this month's edition of our Privacy & Cybersecurity Update, we examine the Seventh Circuit's ruling finding standing for an Illinois Biometric Information Privacy Act claim, the European Data Protection Board's updated...more
6/1/2020
/ Appeals ,
Biometric Information Privacy Act ,
Blocked Mergers ,
Bulk Electric System ,
Business Interruption ,
Consent ,
Cookies ,
Coronavirus/COVID-19 ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Protection Authority ,
Department of Energy (DOE) ,
Employee Privacy Rights ,
European Data Protection Board (EDPB) ,
Foreign Acquisitions ,
Foreign Adversaries ,
General Data Protection Regulation (GDPR) ,
National Security ,
Policy Exclusions ,
Popular ,
Privacy Laws ,
Remote Working ,
Standing ,
Trump Administration
In this month's edition of our Privacy & Cybersecurity Update, we examine Washington state's new facial recognition law, the U.K. Supreme Court's ruling that an employer is not liable for a data breach caused by a disgruntled...more
5/3/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Draft Guidance ,
Employee Misconduct ,
Employer Liability Issues ,
Equifax ,
European Commission ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
FSB ,
Mobile Apps ,
New Guidance ,
NYDFS ,
Phishing Scams ,
Popular ,
Privacy Laws ,
Settlement ,
UK Supreme Court
Many countries around the world are being forced to watch as the only tool they have to suppress COVID-19 — social distancing — causes unprecedented damage to their economies. Because suppression measures may be required...more
4/10/2020
/ Contact Tracing ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Food and Drug Administration (FDA) ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Medical Devices ,
Mobile Apps ,
NHSX ,
Risk Assessment ,
Shelter-In-Place ,
Transparency ,
UK ,
Virus Testing