Attorneys Amanda Witt and Zain Haq recently participated in a panel discussion hosted by Kilpatrick Townsend and organized by the International Association of Privacy Professionals. The discussion provided practical insights...more
While there is no comprehensive, federal United States law governing privacy, there are several major state laws that are currently in place. To help our clients assess their compliance posture, we have published a quick,...more
3/16/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Personal Information ,
State Privacy Laws
Kilpatrick Townsend Partner Amanda Witt (Co-Chair of the firm’s Cybersecurity, Privacy and Data Governance Practice and the firm’s Technology, Privacy & Cybersecurity Team) and Associate Zain Haq recently participated in a...more
In January of 2022, we recommended adding “updating privacy contracts” to your list of New Year’s resolutions. With 2023 around the corner and a number of new privacy laws and regulations going into effect, we have another...more
12/16/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Popular ,
State Privacy Laws
The European Union’s General Data Protection Regulation (“GDPR”) marked a turning point in privacy and data protection practices globally and transformed how American companies approach the protection of personal data....more
We warned you last summer that California Consumer Privacy Act (“CCPA”) enforcement was heating up! The California Attorney General (“CAG”) announced a settlement with cosmetics retailer, Sephora. That, among other penalties,...more
In our second installment of what privacy professionals should know before they start the summer, we provide you with highlights from the draft regulations from the California Privacy Protection Agency (“CPPA”) and...more
It’s been a blazing hot summer and privacy professionals have been sweating to keep up with all of the updates from the last few months. We all knew this was going to be a busy year with updating European data transfer...more
Connecticut’s new privacy law, an Act Concerning Personal Data Privacy and Online Monitoring, also known as the Connecticut Data Privacy Act (“CTDPA”), generally continues the pattern of non-California states enacting...more
The EU and US recently announced that they have reached “an agreement in principle” on a new framework to enable EU-US data transfers following the highly impactful EU ruling that dismantled the prior Privacy Shield...more
State legislative activity kicked off with a frenetic pace in 2022 and it seemed that there would be a number of new comprehensive privacy laws this year. Surprisingly to some, many of those efforts in other states fizzled...more
Most New Year’s resolutions can fall by the wayside, but there is one you will need to keep in 2022 – updating your privacy contracts. This year, privacy professionals will need to spend a significant amount of time updating...more
The responsibilities of privacy professionals continue to grow while resources are increasingly difficult to procure. At the Privacy + Security Forum, the deeply experienced panel of privacy professionals consisting of Ami...more
A hypothetical: you are in-house counsel, and one morning you click on your daily news only to see one of your company’s key contractual counterparties is trending, and not in a good way. The contractual counterparty has...more
Although the California Consumer Privacy Act (“CCPA”) has been in effect since January 1, 2020 and subject to enforcement since July 1, 2020, it seemed until recently that compliance had been somewhat spotty. Well, it’s time...more
Most privacy eyes are currently focused on the new EU Model Clauses and forthcoming U.S. state laws that take effect in 2023. As the summer heats up, however, compliance professionals should look to the western U.S. states of...more
The California Consumer Privacy Act (“CCPA”) and Virginia’s Data Protection Act (“CDPA”) have created a snowball effect, encouraging Colorado to be the third state to enact comprehensive data privacy legislation. On July 7,...more
Long-awaited SCCs for EU Data Transfers Adopted by European Commission with 18-month Transition Period -
The EU has a cross-border data transfer framework gift for you! On June 4, 2021, the European Commission (“EC”)...more
“This call may be recorded for quality assurance or training purposes.” We have all heard the outgoing announcement while on hold. One benefit of this announcement is that this common courtesy is part of good customer...more
On March 11, 2021, the Spanish Data Protection Authority (“AEPD”), imposed the regulator’s largest ever fine, totaling €8.15 million ($9.378 million), upon Vodafone España, S.A.U (“Vodafone”), a telephone operator, for...more
Virginia knocked off California’s crown as the only U.S. state to have a comprehensive, general consumer privacy law when Governor Ralph Northam signed the Virginia Consumer Data Protection Act (“CDPA”) into law on March 2,...more
On November 3, 2020, California voters passed Proposition 24, the California Privacy Rights Act (“CPRA”).
The provision’s timeline is important to consider. The law would become effective on January 1, 2023 with enforcement...more
11/18/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Popular ,
Privacy Laws ,
Private Right of Action
1. Schrems II requires parties relying on the SCCs to implement additional measures ensuring that transferred personal data is adequately protected.
The Schrems II decision did not affirmatively invalidate the SCCs, but...more
A discussion between Kilpatrick Townsend Partner Amanda Witt and Nicole Beranek Zanon, founding partner of de la cruz Beranek Rechtsanwälte AG, on the new Swiss Data Protection Act and its impact for U.S. clients....more
9/18/2020
/ Data Collection ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
International Data Transfers ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Switzerland
Efforts to Delay the LGPD Fail -
As noted by our firm earlier this spring, Brazilian authorities have considered delaying the General Personal Data Protection Law’s (“Lei Geral de Proteção de Dados” or “LGPD”) effective...more