Why Privacy is Your Secret Weapon Against Third-Party Risk
Due Diligence in AI: 3 things you need to survive AI scrutiny
How can founders navigate the explosion of state AI regulations?
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity – Part 1 — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
On 25 July 2024, the EU Commission published its second report on the application of the GDPR (the ‘Second Report’), following its first report published in 2020....more
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
Governing Data Protection Legislation - 2.1. Overview of principal legislation - The General Regulation Data Protection (Regulation (EU) 2016/679) (“GDPR”), as implemented by Law 190/2018 is the principal data...more
The General Data Protection Regulation (GDPR) is a difficult piece of legislation to comply with, and not meeting some of its requirements may lead to hefty fines of up to 4% of global annual revenues of the preceding year or...more
ust over a year ago, on 21 April 2022, the seven economies (Canada, Japan, the Republic of Korea, the Philippines, Singapore, Taiwan, and the USA) participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border...more
At the end of June, the European Data Protection Board (EDPB) published its Recommendations (Recs) on Binding Corporate Rules (BCRs). Among other things, the Recs require existing and in process BCRs to: - Incorporate...more
It shouldn’t come as a surprise that the European Data Protection Board (EDPB), through Ireland’s Data Protection Commission (DPC), issued another fine against a large US technology company. What may come as a surprise is the...more
In a recent non-binding opinion, EU regulators expressed timid positivity about the European Commission’s draft adequacy decision on the EU-US transatlantic data flows framework (Data Privacy Framework or DPF). While some...more
The European Data Protection Board (EDPB) issued its opinion on the draft adequacy decision of the European Commission (Draft Decision) regarding the EU-US Data Privacy Framework (DPF) on 28 February 2023. The DPF is a...more
The European Data Protection Board (EDPB) has issued a long-awaited opinion on the EU-US Data Privacy Framework. Here are some key takeaways: The scope of the exemptions to the adherence to the principles, including on the...more
On the bumpy road towards a new adequacy decision for EU-U.S. data transfers, the European Data Protection Board (“EDPB”) has published its Opinion 5/2023 (“Opinion”) on the European Commission's (“Commission”) draft adequacy...more
Katten's Privacy, Data and Cybersecurity Quick Bytes is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe. ...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
When it comes to website privacy compliance, cookies have consistently presented the most fraught issues for U.S. businesses. This is especially true for those businesses that find themselves in a sometimes new or often...more
On January 19, the Irish Data Protection Commission (DPC) announced the conclusion of an inquiry into the data processing practices of a U.S.-based messaging service’s Ireland operations and fined the messaging service €5.5...more
On Tuesday, December 13, the European Commission initiated its long-awaited process towards the adoption of an adequacy decision for the European Union (EU)-U.S. Data Privacy Framework (EU-U.S. DPF), which aims to address the...more
Ever since the White House issued its Executive Order to pave a path for the new EU-U.S. Data Privacy Framework, stakeholders have provided both praise and criticism about whether the Executive Order sufficiently addresses...more
Last week, the European Data Protection Board ("EDPB") published a long-awaited update of its guidance on breach notification—which did not contain much news generally. However, it does bring a significant new burden for...more
European data authorities are increasingly united in policing data and privacy violations - It began, innocently enough, with an update to TikTok's privacy policy. Via upbeat messaging, users learned that they would soon...more
Pelosi Statement Dims the Lights on ADPPA - The prospects for the nation’s first comprehensive data privacy law, the American Data Privacy and Protection Act (the “ADPPA” or the “Bill”), dimmed after House Speaker Nancy...more
Data subject access requests (DSARs) are a cornerstone of the data protection regime, being fundamental in helping individuals to exercise their rights. If individuals do not know what information an organisation has about...more
On May 16, 2022, the European Data Protection Board (‘EDPB’) published draft regulatory guidelines (‘draft guidance’) on the calculation of administrative fines for infringements of the EU General Data Protection Regulation...more
The U.S. and many other nations recently imposed unprecedented sanctions on Russia in response to Russia’s military action in Ukraine. More details about some of these sanctions can be found in Dechert’s related OnPoint...more
FTC Warns Companies to Remediate Log4j Security Vulnerability - Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more