On October 7, 2022, President Biden signed the “Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities,” which outlines the actions the United States will take to implement the commitments made under the European Union-U.S. Data Privacy Framework announced in March 2022. This is a welcome change for U.S. companies grappling with compliance requirements under the EU’s far-reaching data privacy law, the General Data Protection Regulation.
Read more »Tag: gdpr
-
White House Issues Executive Order on EU-U.S. Data Privacy Framework Posted on: October 18, 2022 In: Data Privacy & Cybersecurity
-
Austrian DPA Says Google Analytics Use Violates GDPR Posted on: February 08, 2022 In: Data Privacy & Cybersecurity
In recent months, a total of 101 complaints have been filed against data exporters in Europe for allegedly transferring data to the United States in violation of the European Union’s General Data Protection Regulation (GDPR) by way of the use of Google Analytics. The first decision by the Austrian Data Protection Authority (DPA) on January 13, 2022 held that an Austrian company was in violation of GDPR for impermissibly transferring personal data to the US via Google Analytics.
Read more »
-
China’s Personal Information Protection Law Brings Heightened Data Privacy Regulation to the People’s Republic Posted on: August 27, 2021 In: Data Privacy & Cybersecurity
On August 20, 2021, at the closing meeting of China’s National People’s Conference Standing Committee in Beijing, lawmakers approved the Personal Information Protection Law (PIPL). The PIPL legislates for the protection of personal information and will take effect on November 1, 2021. For businesses transacting with China, the PIPL promises a shift in the way cross-border business is done. This post covers key provisions of the new law to help businesses prepare for the enactment of this legislation.
Read more »
-
Virginia’s Consumer Data Protection Act: Not Quite The CCPA Posted on: March 02, 2021 In: Data Privacy & Cybersecurity
Though it seems Virginia is following California’s lead by becoming the second state with its own comprehensive data privacy legislation, Virginia’s Consumer Data Protection Act (CDPA) diverges from the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) in that it is far more business-friendly and does not have the “teeth” that the CCPA does.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part V: New & Expanded Consumer Rights Posted on: February 08, 2021 In: Data Privacy & Cybersecurity
The newly-passed California Privacy Rights Act (CPRA) includes additional and expanded consumer rights not currently existing under the California Consumer Privacy Act (CCPA). This fifth installment in our series about the changes to the CCPA brought by the CPRA focuses on consumers’ new rights of correction and access to certain personal information and revisions to certain existing consumer rights in the CCPA, including rights to know (and access), deletion, non-discrimination, and rights for minors.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part IV: Data Minimization & Retention Posted on: January 26, 2021 In: Data Privacy & Cybersecurity
The fourth installment in our ongoing series about changes to the California Consumer Privacy Act (CCPA) focuses on the new data minimization and data retention requirements for subject businesses created by the passage of the California Privacy Rights Act (CPRA) on November 3, 2020. These provisions also obligate subject entities to implement business-wide internal policy changes to accommodate the possible need to change their data collection and retention policies before the CPRA is fully operative.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part II: CPRA’s Covered “Businesses” & Exemptions Posted on: December 29, 2020 In: Data Privacy & Cybersecurity
California voters’ approval of the California Privacy Rights Act (CPRA), a privacy ballot initiative that amends and expands the California Consumer Privacy Act (CCPA), is a significant development in the U.S. privacy world. In this second installment of our Digital Insights series on the major changes effected by the CPRA, we discuss what qualifies as a regulated "business" under the Act, and what data exemptions exist.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape: CPRA’s Definition and Treatment of “Sensitive Personal Information” Posted on: December 23, 2020 In: Data Privacy & Cybersecurity
On November 3, 2020, Californians approved Proposition 24, a ballot measure creating the California Privacy Rights Act (CPRA), which amends and expands the provisions and requirements of the California Consumer Privacy Act (CCPA). In this Digital Insights series on the CPRA, we will highlight and detail some of the most substantive and important modifications the new law will impose on the CCPA, and what those changes mean to businesses subject to California’s ever-evolving privacy regime.
Read more »
-
California Voters Make CCPA 2.0 a Reality – California Privacy Rights Act Ballot Measure Passes Posted on: November 10, 2020 In: Data Privacy & Cybersecurity
On November 3, 2020, California voters approved Proposition 24, otherwise known as the California Privacy Rights Act (CPRA), a ballot measure that will expand the privacy protections for California residents under the existing California Consumer Privacy Act (CCPA). Effective January 1, 2023, the CPRA significantly amends the CCPA by expanding consumer rights, heightening privacy protections, and establishing an enforcement agency dedicated to protecting consumers through vigorous enforcement of the law.
Read more »
-
ECJ Invalidates the EU-U.S. Privacy Shield as Adequate Transfer Mechanism Posted on: July 16, 2020 In: Data Privacy & Cybersecurity
In a ruling issued on July 16, 2020, the European Court of Justice (ECJ) invalidated the EU-U.S. Privacy Shield – a primary mechanism available to companies exporting personal data from the European Economic Area (EEA) to the United States.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 3 of 3: Trends and Planning – What it All Means Posted on: June 07, 2019 In: Data Privacy & Cybersecurity
On June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. The final installment of this three-part series will cover trends and planning.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 2 of 3: General Observations on Pending Amendments to the CCPA Posted on: June 05, 2019 In: Data Privacy & Cybersecurity
On June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Privacy Act (“CCPA”) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. Part 2 of this three-part series will look at pending amendments to the CCPA.
Read more »