New York is gearing up to enact some of the toughest cybersecurity, privacy and data protection laws in the country. Modeled on the European Union’s General Data Protection Regulation (GDPR) and the California Consumer...more
7/18/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
Notification Requirements ,
Pending Legislation ,
Personal Data ,
Personally Identifiable Information ,
SHIELD Act ,
State and Local Government ,
State Data Breach Notification Statutes
1. Binding Corporate Rules To Facilitate Intragroup Data Transfer -
Personal data is meant to circulate without boundaries inside the European Union (EU). The General Data Protection Regulation (GDPR) subjects personal...more
Until recently, whistleblowing raised many concerns in France and other European countries. Reporting on colleagues’ behavior, even if unlawful, was seen as risky business that could lead to dismissals and criminal sanctions...more
Evidence gathering differs greatly between common law and civil law jurisdictions. For example, while a U.S. judge may in many instances allow extensive pretrial discovery, a French judge would generally consider nearly any...more
4/5/2019
/ Blocking Statutes ,
CLOUD Act ,
CNIL ,
Cross-Border ,
Data Protection ,
Discovery ,
Evidence ,
Extraterritoriality Rules ,
France ,
General Data Protection Regulation (GDPR) ,
Hague Convention ,
Litigation Strategies ,
Regulatory Standards
On Jan. 21, 2019, the French Data Protection Authority (CNIL) levied a 50 million euros sanction against Google LLC for violating the EU General Data Protection Regulation2 (GDPR) in the context of the first enforcement...more
2/27/2019
/ CNIL ,
Corporate Counsel ,
Data Protection ,
Enforcement Actions ,
EU Data Protection Laws ,
Fines ,
General Data Protection Regulation (GDPR) ,
Google ,
Personal Data ,
Popular ,
Prior Express Consent ,
Regulatory Violations ,
Transparency
This Update highlights key legal and policy developments in cybersecurity and privacy law that may impact important trends for 2019 and beyond. A central takeaway from 2018 is that regulators in the U.S. and abroad are...more
1/28/2019
/ California Consumer Privacy Act (CCPA) ,
Carpenter v US ,
CLOUD Act ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Google ,
Hackers ,
International Data Transfers ,
Marriott ,
Microsoft ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Power Plants ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC) ,
Stored Communications Act
On June 28, 2018, the California Consumer Privacy Act of 2018 (CCPA) was signed into law. The bill was drafted and passed quickly, just prior to a deadline for removing a similar initiative from the ballot that would have...more
The Clarifying Lawful Overseas Use of Data Act (CLOUD Act) was recently signed into law as part of the omnibus appropriations bill. ...more
5/1/2018
/ CLOUD Act ,
Cloud Storage ,
Criminal Investigations ,
Dismissals ,
Electronically Stored Information ,
Extraterritoriality Rules ,
International Litigation ,
Mootness ,
SCOTUS ,
Search Warrant ,
Stored Communications Act ,
Subpoenas ,
US v Microsoft
The U.K.’s Criminal Finances Act 2017 (the “Act”), which went into effect on Sept. 30, 2017, significantly expands the U.K.’s ability to prosecute the criminal facilitation of tax evasion....more
On June 26, the D.C. Circuit, en banc, split 5-to-5 on whether to grant a petition seeking to overturn an August 2016 ruling by a three-judge panel that determined that Securities and Exchange Commission (SEC) administrative...more