2025 Privacy Law Preview: Be Prepared
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Caregivers in Cybersecurity — Unauthorized Access Podcast
#WorkforceWednesday: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week®
Data Dividend: What is Personal Data Worth?
Podcast: Data Privacy and Info Security in Finance: The Lay of the Land [More with McGlinchey, Ep. 52]
2023 New Data Privacy Requirements
Guidepost in Motion EP27: Privacy Matters Part 2: “TMI”-The Privacy Dilemma of Social Media
Webinar Recording – Assessing the Surge in Wiretap Litigation
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Colorado’s New Comprehensive Privacy Law
#WorkforceWednesday: 2020 in Review and What's to Come in 2021
Sitting with the C-Suite: How Do Corporations Manage the Convergence of Data during Remote Work?
On-Demand Webinar | Protecting Information in a Work-From-Home World
“It’s the most wonderful time of the year”—or is it? Unfortunately, it can be the most wonderful time for criminals, who try to prey on financial generosity through scams and frauds. Extra vigilance is needed during the...more
Cybersecurity threats continue to grow and evolve, increasing pressure on organizations to maintain operational resilience and protect their key assets, such as critical infrastructure and sensitive data. As cyberattacks...more
Starting January 2025, five state privacy laws will take effect, providing consumer privacy rights to a new swath of individuals across the country. Delaware, Iowa, Nebraska, and New Hampshire’s laws will go into effect on...more
On November 22, the California Privacy Protection Agency (the Agency) published its NPRM proposing amendments to existing regulations under the California Consumer Privacy Act (CCPA). These changes aim to enhance state...more
On November 26, the U.S. District Court for the Northern District of Georgia received notice of a class-wide settlement reached between plaintiffs, an individual and a class of similarly situated harmed individuals, and the...more
In 2025, eight state privacy laws are going into effect: five of them in January. (Four of those on January 1.) And two cure periods are ending. As a privacy pro, you may already know this. If you don’t, this is a great time...more
Businesses in the US will be subject to a lot more scrutiny from consumers and regulators in 2025. With eight new data privacy laws going into effect over the course of the year, attorneys general will be eager to show...more
Over the last few years, 71% of countries have enacted data protection laws, reflecting the global emphasis on data privacy across industries. For businesses operating internationally, complying with diverse data privacy...more
Recent statements by South Africa’s Information Regulator (“IR”) indicate an impending crackdown on data privacy compliance, specifically within the banking and insurance sectors. The IR has announced its intention to enforce...more
Under many circumstances, state privacy laws require businesses to pass a consumer’s valid deletion request to any entity that processes the data on behalf of the business or otherwise is a recipient of the data. These...more
The California Consumer Privacy Act of 2018 (as amended, including by the California Privacy Rights Act, the “CCPA”) was drafted by a privacy rights activist, initially passed and later amended multiple times by the...more
The Guangzhou Internet Court released the first ruling interpreting the requirements for cross-border transfer of personal information under the Personal Information Protection Law (PIPL). This case has significant...more
On September 30, 2024, China’s State Council released the Network Data Security Management Regulations, which will enter into force on January 1, 2025. The regulations apply to “electronic data processed and generated through...more
Our Consumer Protection/FTC and Privacy, Cyber & Data Strategy teams unpack Starwood Hotels’ and Marriott International’s settlements with the Federal Trade Commission and Marriott’s settlement with state attorneys general...more
Le 22 septembre 2024, un nouveau droit individuel à la portabilité des données est entré en vigueur en vertu de la législation québécoise sur la protection de la vie privée applicable dans le secteur privé, soit la Loi sur la...more
Additional and clarified data compliance obligations will soon come into force under the long-awaited Network Data Security Management Regulation (“Regulation“), which was released on 30 September 2024. The Regulation is...more
On September 24, 2024, the State Council released the Regulations on the Management of Network Data Security (《网络数据安全管理条例》) (“Regulations”). The Regulations focus on prominent issues related to Personal Information (PI),...more
On September 22, 2024, a new individual right to data portability came into force under Quebec’s privacy legislation applicable in the private sector (the Act respecting the protection of personal information in the private...more
Welcome to this month’s issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security, & Data Protection practice....more
We previously wrote about proposed changes to the definition of sensitive personal information under a June 2024 draft of the Guide for Sensitive Personal Information Identification (“Guide“). The Guide has now (September...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
The review of Alberta's Personal Information Protection Act (PIPA) currently underway by the Alberta Standing Committee on Resource Stewardship (the Committee) continues, with the Privacy Commissioner of Canada recently...more
In November 2023, a class action lawsuit was filed against the genetic testing company, 23andMe. The plaintiffs alleged that a data breach resulted in the unauthorized disclosure of 6.9 million users’ personal and genetic...more
On September 22, 2024, the fourth wave of amendments to Québec’s Act respecting the protection of personal information in the private sector(“Act”) will take effect. Arguably, the most important change it will introduce is...more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more