Less than two months after the California Privacy Protection Agency (“CPPA” or “Agency”) formally took over rulemaking for the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act...more
6/8/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Policy Drafting ,
Popular ,
Regulatory Agenda
At an open meeting on February 9, 2022, the Securities and Exchange Commission voted three-to-one to propose new and amended rules regarding cybersecurity risk management, cyber incident reporting and cyber risk disclosure...more
On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their own purposes (the “Guidance”)....more
1/28/2022
/ CNIL ,
Data Breach ,
Data Management ,
Data Processors ,
Data Protection ,
EU ,
FCC ,
France ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Privacy Laws ,
Regulatory Reform ,
Regulatory Standards
Few things are certain, but it is indisputable that in 2022 data will remain big; data driven technologies will create unparalleled opportunity and risk; the frequency and sophistication of cyberattacks will shatter...more
1/7/2022
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
International Data Transfers ,
Machine Learning ,
Popular ,
Ransomware ,
Regulatory Agenda ,
Section 5
On 10 February 2021, over two and a half years after the anticipated adoption of the e-Privacy Regulation, European Member States have agreed to a revised text. Portending a potential break in the three-year impasse, the...more
2/17/2021
/ Cybersecurity ,
Data Protection ,
e-Privacy Directive ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Member State ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
Regulatory Requirements
On November 12, 2020, the European Commission (EC) published a long anticipated draft of new Standard Contractual Clauses (SCCs) for the transfer of personal data from the European Economic Area (EEA) to third countries whose...more
11/17/2020
/ Data Protection ,
Data Transfers ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Regulatory Agenda ,
Rulemaking Process ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The German antitrust authority (FCO) has ordered Facebook to stop collecting data outside Facebook’s platform without the user’s “voluntary consent.” The decision breaks new ground because it links data protection and...more
2/8/2019
/ Abuse of Dominance ,
Antitrust Investigations ,
Antitrust Violations ,
Competition Authorities ,
Data Collection ,
Data Protection ,
Facebook ,
Federal Cartel Office (the FCO) ,
General Data Protection Regulation (GDPR) ,
Germany ,
Instagram ,
Monopolization ,
Prior Express Consent ,
WhatsApp ,
Without Consent
The Securities and Exchange Commission’s (the “SEC” or the “Commission”) Office of Compliance Inspections and Examinations (“OCIE”) announced in an April 15, 2014 Risk Alert (the “Alert”) that it will be conducting...more
Executive Summary: Federal Trade Commission v. Wyndham Worldwide Corp.
A U.S. District Court has ruled this week that the Federal Trade Commission (FTC) has authority under Section 5 of the FTC Act to bring enforcement...more
The SEC and CFTC recently issued joint Identity Theft Red Flags Rules (the “Rules”), which are rules and guidelines requiring certain financial institutions worldwide to adopt comprehensive data security programs to detect...more
With the rise in targeted, sophisticated, malicious attacks on corporate America’s electronic infrastructure, companies are increasingly focused on their cybersecurity disclosure obligations. There is a growing concern that...more