In September 2023, Delaware became the seventh state in 2023 to enact comprehensive privacy law with the Delaware Personal Data Privacy Act (DPDPA), joining Indiana, Iowa, Montana, Oregon, Tennessee and Texas. The DPDPA will...more
5/14/2024
/ Consumer Privacy Rights ,
Covered Entities ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
EU ,
Exemptions ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
New Legislation ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
State and Local Government ,
State Privacy Laws
On 7 November 2023, in the King’s Speech, the UK government announced three draft laws aimed at supporting tech companies’ growth and competitiveness: the Automated Vehicles Bill (AV Bill), the Digital Markets, Competition...more
12/1/2023
/ Data Protection ,
Digital Single Market ,
Driverless Cars ,
EU ,
Mergers ,
Penalties ,
Personal Data ,
Popular ,
Technology Sector ,
Threshold Requirements ,
UK
On September 7, 2023, the Saudi Authority for Data and Artificial Intelligence (SDAIA) issued the Implementing Regulations of the Personal Data Protection Law (the Implementing Regulations) and the Regulations on Personal...more
10/23/2023
/ Advertising ,
Consent ,
Data Breach ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
Data Transfers ,
Direct Marketing ,
Disclosure Requirements ,
General Data Protection Regulation (GDPR) ,
New Regulations ,
Personal Data ,
Saudi Arabia
The Information Commissioner’s Office (ICO), the personal data protection authority in the United Kingdom (UK), is running a public consultation on its draft guidance on biometric data which covers the requirements under the...more
On August 7, 2023, the Commissioner of Data Protection of the Dubai International Financial Centre (the DIFC), a financial free-zone in the United Arab Emirates, issued the first adequacy decision regarding the California...more
8/18/2023
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Dubai ,
Information Governance ,
International Data Transfers ,
Personal Data ,
United Arab Emirates (UAE)
On 8 June 2023, the UK Prime Minister and the US President jointly announced a commitment to a renewed partnership between the countries, and a framework for economic and diplomatic co-operation (the “Atlantic Declaration”1)....more
On March 27, 2023, the Kingdom of Saudi Arabia (KSA) Council of Ministers approved a series of 27 amendments (the Amendments) to the KSA Personal Data Protection Law (PDPL) pursuant to Royal Decree No. M148 of 05/09/1444H...more
The UK government (the “Government”) has published proposals for a new regulatory framework for artificial intelligence (the “White Paper”). Its goal is to “provide a clear, pro-innovation regulatory environment” to make...more
On November 20, 2022, the Saudi Data and Artificial Intelligence Authority (SDAIA) launched a public consultation (which is open until December 20, 2022) on its proposed amendments to the Personal Data Protection Law (PDPL)....more
Key Points -
On June 9, President Biden signed an executive order (“EO”) revoking a series of Trump-era EOs targeting specific Chinese “connected software applications” (“apps”), including TikTok and WeChat.
The EO calls...more
6/23/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Justice (DOJ) ,
Executive Orders ,
Foreign Adversaries ,
Mobile Apps ,
National Security ,
Personal Data ,
Popular ,
Supply Chain
On March 2, 2021, the Governor of Virginia signed the Virginia Consumer Data Protection Act (CDPA) into law, which goes into effect on January 1, 2023. The law applies only to businesses with large amounts of consumer data...more
The European Commission recently published two highly anticipated draft documents to facilitate data transfers. The first was the new, updated and modernised standard contractual clauses (“New SCCs”) for the transfer of...more
United Kingdom, French and Belgian national security laws (and such laws of other EU Member States) fell under the scrutiny of the Court of Justice of the European Union (CJEU), which on October 6, 2020, ruled on whether such...more
10/14/2020
/ Consumer Privacy Rights ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Electronic Communications ,
EU ,
General Data Protection Regulation (GDPR) ,
Member State ,
National Security ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
UK
On September 29, 2020, Gov. Gavin Newsom signed the California Consumer Privacy Act (CCPA) Sunset Extension Bill, AB-1281, which extends the business to business (B2B) and employee exemptions to the CCPA which were set to...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
10/2/2020
/ California Consumer Privacy Act (CCPA) ,
Consent ,
Cybersecurity ,
Data Breach ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Security ,
Data Subjects Rights ,
DIFC ,
Dubai ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Notice Requirements ,
Penalties ,
Personal Data ,
Popular
The U.S. Department of Commerce, Department of Justice, and Office of the Director of National Intelligence have prepared a White Paper providing a detailed discussion and analysis of the July 16th Data Protection...more
10/1/2020
/ Court of Justice of the European Union (CJEU) ,
Data Protection ,
Department of Justice (DOJ) ,
Departments of Commerce ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses ,
White Papers
The City Council of Portland, Oregon unanimously passed a ban on facial recognition, set to take effect in January 2021. The Portland ban is currently the strongest in the United States, preventing not only government...more
On Thursday, September 17, Senate Commerce Committee Chairman Roger Wicker (R-MS) and other Committee Republicans introduced a finalized version of their long-awaited data privacy legislation, which was first unveiled as a...more
9/22/2020
/ Consumer Privacy Rights ,
Data Privacy ,
Data Processors ,
Data Transfers ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Prior Express Consent ,
Privacy Laws ,
Private Right of Action ,
Proposed Legislation
On August 30 the California Consumer Privacy Act (CCPA) Sunset Extension Bill, AB-1281, passed 63-0. The bill, which was introduced in early 2019, has passed through committee and chambers in the state of California,...more
9/14/2020
/ B2B Organizations ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Subjects Rights ,
Employee Privacy Rights ,
Exemptions ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws
Massachusetts Attorney General (AG) Maura Healey announced the creation of a Data Privacy and Security Division, focusing on protecting consumers from privacy and security breaches and threats. AG Healey named Sara Cable as...more
8/20/2020
/ Consumer Privacy Rights ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Equal Access ,
Internet ,
Personal Data ,
Popular ,
Privacy Laws ,
State Attorneys General
On July 16, 2020, the Grand Chamber of the Court of Justice of the European Union (CJEU) in Luxembourg handed down its highly anticipated judgment in a case brought by privacy activist Max Schrems (C-311/18, Data Protection...more
7/20/2020
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Safe Harbors ,
Standard Contractual Clauses
Republican members of the Senate Commerce, Science and Transportation Committee formally introduced legislation on May 7, 2020, to give Americans more control over and insight into how their personal health, proximity and...more
5/12/2020
/ Consumer Privacy Rights ,
Contact Tracing ,
Data Collection ,
Data Privacy ,
Data Protection ,
Employee Privacy Rights ,
Geological Data ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation ,
Public Health Emergency
On January 1, 2020, the California Consumer Protection Act (CCPA) will become effective for all businesses that, among other things, have at least $25 million in annual revenue and collect or use any personal information of...more
12/31/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Financial Services Industry ,
Fund Managers ,
Investment ,
Investment Firms ,
Investment Management ,
Personal Data ,
Personal Information ,
Privacy Policy
Key Points -
- The Online Privacy Act was introduced in the House of Representatives. If passed, it would establish individual privacy rights related to personal information.
- The Filter Bubble Transparency Act was...more
11/8/2019
/ Covered Entities ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
New Legislation ,
Online Platforms ,
Personal Data ,
Personal Information ,
Privacy Laws
• The Draft Regulations introduced by the California Attorney General’s Office on October 10, 2019 are subject to a public comment period and public hearings that will close on December 6, 2019. Now is the time to act to try...more
10/29/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Proposed Regulation ,
Public Comment ,
Right to Delete ,
Right To Know ,
State Attorneys General