A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
An Ounce of Prevention: Keys to Understanding and Preventing AI and Cybersecurity Risks
Calculating eDiscovery Costs: Tips from Brett Burney
State AG Pulse | Content moderation vs. free expression
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Navigating the Digital Frontier: Employee Privacy Rights and Legal Obligations in the Modern Workplace
DE Under 3: OMB Announced Finalized Overhaul to Federal Race & Ethnicity Data Collection Standards
Embracing Data Privacy to Drive Business Growth: On Record PR
Work This Way: A Labor & Employment Law Podcast - Episode 6: Digital Forensics & Protecting Trade Secrets with Clark Walton
PODCAST: Williams Mullen's Trending Now: An IP Podcast - U.S. State Data Privacy Update
Managing Large Scale Review Efficiency: Tips From a GC
AD Nauseam – Children, They are Indeed Our Future – COPPA Developments
1071 Rule Status — The Consumer Finance Podcast
Data Dividend: What is Personal Data Worth?
The Great Link Debate and the Future of Cloud Collaboration
RegFi Episode 9: Consumer Data Collection and Usage with Eric Ellman
On 7 March 2024, the Court of Justice of the European Union issued a ruling (C-604/22 | IAB Europe) clarifying the concepts of personal data and controller in the context of the use of a Transparency and Consent Framework...more
European Parliament Approves EU AI Act - On March 13, 2024, the European Parliament approved the EU Artificial Intelligence Act (“AI Act”). A first of its kind legal framework for AI, the AI Act has extraterritorial effect,...more
In joined Cases C‑26/22 and C‑64/22, related to the German Credit Reference Agency Schufa (see A&O blog on the automated decision making case), the CJEU considered the retention of personal data regarding individuals who had...more
ust over a year ago, on 21 April 2022, the seven economies (Canada, Japan, the Republic of Korea, the Philippines, Singapore, Taiwan, and the USA) participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border...more
As many employers will be aware, data subject access requests (DSARs) can take up a significant amount of business resources and are a common tactic used by disgruntled employees. A recent decision from the Court of Justice...more
The Court of Justice of the EU (CJEU)1 has held that the General Data Protection Regulation (GDPR) requires controllers to provide data subjects a "faithful reproduction" of their personal data, which takes into account the...more
On 4 May 2023, the European Court of Justice (CJEU) delivered its highly anticipated judgement in Österreichische Post (Case C-300/21) on a crucial issue: the extent to which data subjects affected by a breach of the GDPR...more
Under the European Union’s General Data Protection Regulation (GDPR), individual data subjects have the right to request that the data controller share information regarding the data subject’s personal information...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
On March 25, 2022, the European Union (EU) announced that the United States and the EU had reached an agreement in principle to replace the EU-U.S Privacy Shield framework, which the European Court of Justice (CJEU) struck...more
In July 2020 the Court of Justice the European Union’s (CJEU) Schrems II decision declared the EU-US Privacy Shield Protections inadequate for the protection of European data. On November 10, 2020, the European Data...more
United Kingdom, French and Belgian national security laws (and such laws of other EU Member States) fell under the scrutiny of the Court of Justice of the European Union (CJEU), which on October 6, 2020, ruled on whether such...more
Website and app operators are jointly liable with Facebook for violations of European data protection law - In its judgment of 29 July 2019 (ref.C-40/17), the European Court of Justice has ruled on two essential points...more
On October 6, 2020, the Court of Justice of the European Union (the “Court”) ruled that principles of EU law prevent Member States from requiring a provider of electronic communications services to indiscriminately retain...more
Generally, contact tracing refers to an effort by public health officials to identify individuals with whom a patient who has tested positive for an infectious disease has been in close proximity. Public health officials will...more
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) issued its anxiously-awaited judgment in the Schrems II case. The CJEU’s decision upheld the Standard Contractual Clauses (SCCs) but, somewhat surprisingly,...more
The Court of Justice of the European Union (CJEU) Invalidates the EU-U.S. Privacy Shield- On July 16, 2020, the CJEU invalidated the EU-U.S. Privacy Shield (the Privacy Shield) in its decision in Facebook Ireland v. Schrems...more
A ruling by the highest court in the European Union regarding the common practice of putting a Facebook “Like” button on a website could have repercussions for American companies doing business overseas. In late July, the...more
The European Union’s top court ruled last week that the operator of a Facebook fan page is a “joint controller,” along with Facebook, with respect to personal data collected on such pages. The decision has implications for...more
With the August 1st start of the Privacy Shield, the European Commission’s new and long-awaited transatlantic data transfer agreement with the U.S., businesses that had previously relied on the invalidated Safe Harbor scheme...more