On March 10, 2025, California Attorney General Rob Bonta announced an investigative sweep targeting the location data industry for potential non-compliance with the California Consumer Privacy Act (the “CCPA”)....more
3/12/2025
/ California Consumer Privacy Act (CCPA) ,
Consent ,
Consumer Privacy Rights ,
Data Brokers ,
Data Privacy ,
Enforcement Priorities ,
Location Data ,
Location Privacy ,
Privacy Laws ,
State Attorneys General ,
State Privacy Laws
On February 20, 2025, the Virginia General Assembly passed HB 2094 the Virginia High-Risk Artificial Intelligence Developer and Deployer Act (the “Act”). The bill now awaits signature by Governor Youngkin. If it becomes law,...more
In this video alert, Dave Albo and Kevin Pomfret review bills discussed in the General Assembly concerning artificial intelligence (AI), the results from the recently concluded legislative session and the executive order...more
Quite understandably, the passing of the AI Act this week by the European Parliament received a great deal of attention, as it represents a significant step forward in developing a legal framework for artificial intelligence...more
On February 28, 2024, President Biden announced he was signing an Executive Order intended to protect Americans’ sensitive personal data. The Executive Order focuses on large-scale transfers of (i) genomic data, (ii)...more
3/5/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
Consumer Financial Protection Bureau (CFPB) ,
Data Brokers ,
Data Transfers ,
Department of Homeland Security (DHS) ,
Enforcement ,
Executive Orders ,
Federal Contractors ,
Geolocation ,
International Data Transfers ,
PHI ,
Privacy Laws ,
Public Agencies ,
Sensitive Personal Information
On July 21, 2023, the Biden administration announced voluntary commitments that several technology companies agreed to make with respect to their artificial intelligence (AI) efforts. These commitments – which pertain to the...more
Legislation enacted during the 2022 session of the General Assembly requires public bodies to report cybersecurity incidents to the Virginia Fusion Center within 24 hours from when an incident is discovered. This...more
FTC Publishes Blog Post That Could Expand Data Breach Notification Requirements –
On May 20, 2022, the Federal Trade Commission (FTC) published a blog post suggesting that, in certain instances, a company may have to do...more
6/17/2022
/ Climate Change ,
Cybersecurity ,
Data Breach ,
Data Protection Acts ,
Department of Homeland Security (DHS) ,
Federal Breach Notification Standard ,
Federal Trade Commission (FTC) ,
FTC Act ,
NOAA ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Request for Proposals ,
U.S. Commerce Department
On April 12 and 13, the International Association of Privacy Professionals (IAPP) hosted their 2022 Global Privacy Summit in Washington, DC. It was another jam-packed event, with fantastic speakers discussing a wide range of...more
Activity in the cybersecurity and data protection space continues to pick up as new laws and regulations are enacted in the U.S. and overseas. Highlighted below are five recent developments that could impact your business . ....more
The month of March has seen significant developments in the cybersecurity and data protection space. Here are four key legal developments that could be critical to your business. . . ...more
3/25/2022
/ Algorithms ,
Biden Administration ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Form 8-K ,
Personal Information ,
Popular ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
We are pleased to present the 2021 Williams Mullen CLE Institute, a virtual legal education program aimed to educate and provide timely legal guidance, as well as to help you to secure your CLE credits.
Our 2021 programs...more
9/24/2021
/ Best Practices ,
Compliance ,
Continuing Legal Education ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
Ethics ,
Government Investigations ,
Intellectual Property Protection ,
Labor Regulations ,
Popular ,
Trademarks ,
Webinars
There have been a number of significant legal and policy developments recently related to data and cybersecurity. Some of the most important are...more
6/18/2021
/ Artificial Intelligence ,
Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Security ,
EU ,
Executive Orders ,
Foreign Adversaries ,
General Data Protection Regulation (GDPR) ,
NIST ,
Outer Space ,
Personal Data ,
Ransomware ,
Standard Contractual Clauses ,
State Privacy Laws ,
Working Groups
Virginia Governor Ralph Northam signed the Consumer Data Protection Act (the “Act”) on March 2, 2021. The following are answers to some frequently asked questions about the Act and its impact on organizations doing business...more
3/11/2021
/ Civil Monetary Penalty ,
Consumer Privacy Rights ,
Corporate Counsel ,
Covered Entities ,
Data Controller ,
Data Processing Rules ,
Data Processors ,
Data Protection ,
Exemptions ,
Governor Northam ,
Gramm-Leach-Blilely Act ,
New Legislation ,
Personal Data ,
State Privacy Laws
2021 promises to be an exciting year in the data and privacy space. With the adoption of technologies that collect, analyze, aggregate, distribute and share data, and the implementation of new laws and regulations in...more
2/25/2021
/ Biometric Information ,
Biometric Information Privacy Act ,
Canada ,
Class Action ,
Customs and Border Protection ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Homeland Security (DHS) ,
EU ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
International Data Transfers ,
NPRM ,
PIPEDA ,
Privacy Laws ,
Ransomware ,
UK
2021 promises to be an exciting year in the data and privacy space. With the adoption of technologies that collect, analyze, aggregate, distribute and share data, and the implementation of new laws and regulations in...more
According to published reports, federal, state and local government agencies are receiving anonymized geolocation data (geolocation data) from businesses to monitor the movements of individuals to address COVID-19. Similar...more
Over the last several weeks, virtual meetings have become the new normal for many businesses. Improvements in the technology now mean that virtual meetings have a similar look and feel as in-person meetings. However, there is...more
For some time, government agencies such as the National Institute of Standards and Technology (NIST) have recognized that a “one size fits all approach” is not practical from an information security standpoint. Instead,...more
As a significant number of employees are working remotely due to COVID-19, maintaining adequate cybersecurity measures has been a priority for many businesses. Such concerns are certainly justified, and every effort should be...more
On January 6, 2020 the Bureau of Industry and Security (“BIS”) within the Commerce Department adopted export licensing requirements on certain artificial intelligence software used to automate the analysis of geospatial...more
3/16/2020
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
Canada ,
ECCNs ,
Export Controls ,
Exports ,
Geolocation ,
Licensing Rules ,
Software ,
Technology ,
Technology Sector ,
U.S. Commerce Department
On January 6, 2020 the Bureau of Industry and Security (“BIS”) within the Commerce Department adopted export licensing requirements on certain artificial intelligence software used to automate the analysis of geospatial...more
1/27/2020
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
Canada ,
Emerging Technology Companies ,
Exceptions ,
Export Administration Regulations (EAR) ,
Export Control Reform Act (ECRA) ,
Export Controls ,
Exports ,
Geolocation ,
National Security ,
Popular ,
Software ,
Technology ,
Technology Sector ,
U.S. Commerce Department
Addressing cybersecurity risks invariably involves very technical matters. As a result, in many companies the IT department has been responsible for developing and implementing cybersecurity plans and procedures....more
11/20/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
NIST ,
Personal Information ,
Private Right of Action ,
Proposed Regulation ,
Risk Mitigation ,
Security and Privacy Controls ,
Statutory Damages
As data are quickly becoming significant corporate assets, it’s important to help companies both maximize the value of their data and protect the business against any associated risks. This is particularly true in M&A...more
On this edition of GovCon Perspectives, guest host Kevin Pomfret is joined by Tony Anikeeff. They discuss the myriad of challenges the U.S. government faces and how OTA arrangements offer opportunities to virtually any...more