Sports teams, leagues, agents and venues collecting personal information from athletes, fans and sponsors must comply with evolving privacy regulations. Here are key takeaways from a conversation Orrick recently hosted with...more
State legislators nationwide have proposed or passed a flurry of laws to regulate AI, with new ideas continuing to emerge as most state legislatures prepare to convene early next year. The most notable bill to date is the...more
The Department of Justice has finalized prohibitions and restrictions on cross-border transfers of certain data to China and other “Countries of Concern” (as defined below). It seeks to address what is, in the U.S....more
1/21/2025
/ Artificial Intelligence ,
China ,
Cuba ,
Data Privacy ,
Data Security ,
Department of Justice (DOJ) ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
Iran ,
National Security ,
Personal Data ,
Russia
The children’s privacy and online safety regulatory landscape is evolving quickly. To keep up, companies subject to U.K. law should understand their users, enhance safety features and conduct risk assessments, all while...more
We've really seen an explosion of AI laws at the state level in the last year. In 2024 alone, there have been over 600 bills proposed at the state level on AI.
This is really challenging for companies to keep on top of the...more
If passed, the proposed American Privacy Rights Act would dramatically transform data privacy compliance obligations for companies operating in the United States. Shannon Yavorsky — head of Orrick’s global Cyber, Privacy &...more
5/2/2024
/ Covered Entities ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Financial Regulatory Reform ,
Financial Services Industry ,
Legislative Agendas ,
Privacy Laws ,
Proposed Legislation
As companies increasingly leverage AI in their operations, the obligations and expectations for AI-related consumer disclosures continue to evolve. As a result, companies seeking to use consumer-oriented AI face uncertainty...more
Over 5,000 privacy professionals from around the world gathered in Washington, D.C. this month for the International Association of Privacy Professionals’ Global Privacy Summit 2024. The conference focused on debating the...more
Two leading U.S. legislators have unveiled a bipartisan plan to enact the first comprehensive federal data privacy law. The proposed American Privacy Rights Act (APRA) largely mirrors common themes in the patchwork of state...more
On February 28, 2024, President Biden issued Executive Order 14117, calling for new regulations to prohibit or restrict transactions that enable countries of concern to access sensitive U.S. personal and government data. The...more
New Jersey has become the first state to enact a comprehensive consumer privacy law in 2024.
The New Jersey Data Privacy Act will take effect January 15, 2025. The law draws inspiration from the comprehensive state consumer...more
California Gov. Gavin Newsom has signed a bill into law aimed at letting consumers delete their personal information in the hands of data brokers in California....more
On July 10, 2023, the European Commission formally approved the EU-U.S. Data Privacy Framework (“DPF"). You can view our brief video discussion about the DPF or read our initial update.
Companies that maintained their...more
This essential guide to the European Data Act is part of Orrick’s Cybersecurity & Privacy Compass Series. The Cybersecurity & Privacy Compass is your global guide to constant cybersecurity and privacy change.
In this guide,...more
Looking towards 2023, organizations should be mindful of the effective dates of several new state privacy laws in the U.S. Companies should review the new laws to evaluate their applicability and identify potential...more
9/16/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Popular ,
State Privacy Laws
The U.S. Legislature has proposed the first bipartisan comprehensive consumer data protection law, the American Data Privacy and Protection Act (ADPPA). If enacted, the United States would join over 100 countries and several...more
In recent years, the use of artificial intelligence (AI) has proliferated across industries. With the widespread adoption of this technology, many business decisions are now made in consultation with, if not reliance upon, AI...more
From building keycard records to detailed financial information, landlords, developers and property management companies have access to huge amounts of data, and U.S. regulators are starting to take note. A growing number of...more
6/23/2022
/ California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Federal Trade Commission (FTC) ,
Internet of Things ,
Popular ,
Property Management Companies ,
Real Estate Investments ,
State Privacy Laws
At a board meeting on June 8, 2022, the California Privacy Protection Agency (“CPPA”) voted unanimously to move forward with draft revised California Consumer Privacy Act (“CCPA”) regulations, beginning a formal rulemaking...more
France’s data protection authority, the Commission Nationale de Informatique et des Libertés (“CNIL”), has issued one of its highest General Data Protection Regulation (“GDPR”) sanctions to-date against Dedalus Biologie SAS...more
Update: UK international data transfer agreement and UK addendum to the EU standard contractual clauses now in force In February, the Information Commissioner’s Office (“ICO”), the United Kingdom (UK) data protection...more
To help your company get its United States (U.S.) state privacy compliance program on the right track in 2022, Orrick's Cyber' Privacy & Data Innovation Group has analyzed the differences between key topics for the California...more
3/15/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Personal Information ,
State Privacy Laws
Environmental, social, and governance (ESG) factors are increasingly a key area of focus for investors and stakeholders. Businesses today are expected to have policies and strategies focused on long-term value creation and to...more
The California Privacy Rights Act (CPRA) became law on December 16, 2020, and amended the California Consumer Privacy Act (CCPA). When the CPRA becomes fully operative on January 1, 2023, these important changes, among...more
Across the United States (U.S.), 2021 was a busy year for legislative and regulatory-related consumer privacy developments. Our roundup captures some of the major updates that occurred in states throughout the year. We will...more