“This call may be recorded for quality assurance or training purposes.” We have all heard the outgoing announcement while on hold. One benefit of this announcement is that this common courtesy is part of good customer...more
On March 11, 2021, the Spanish Data Protection Authority (“AEPD”), imposed the regulator’s largest ever fine, totaling €8.15 million ($9.378 million), upon Vodafone España, S.A.U (“Vodafone”), a telephone operator, for...more
Virginia knocked off California’s crown as the only U.S. state to have a comprehensive, general consumer privacy law when Governor Ralph Northam signed the Virginia Consumer Data Protection Act (“CDPA”) into law on March 2,...more
On November 3, 2020, California voters passed Proposition 24, the California Privacy Rights Act (“CPRA”).
The provision’s timeline is important to consider. The law would become effective on January 1, 2023 with enforcement...more
11/18/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Popular ,
Privacy Laws ,
Private Right of Action
1. Schrems II requires parties relying on the SCCs to implement additional measures ensuring that transferred personal data is adequately protected.
The Schrems II decision did not affirmatively invalidate the SCCs, but...more
On Tuesday September 29, 2020, the California Governor signed AB 1281, which extends the CCPA’s personnel and “business communications” exceptions’ effective period for one additional year. Those exceptions were set to sunset...more
Efforts to Delay the LGPD Fail -
As noted by our firm earlier this spring, Brazilian authorities have considered delaying the General Personal Data Protection Law’s (“Lei Geral de Proteção de Dados” or “LGPD”) effective...more
Any organization that relies on certification under the EU-U.S. Privacy Shield framework and/or entering into the Standard Contractual Clauses (“SCCs” or “Model Clauses”) to effectuate personal data transfers from the...more
7/22/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses
With slightly less than one month before the July 1, 2020 enforcement date of the California Consumer Privacy Act (“CCPA”), California’s Attorney General announced on June 2, 2020 that he had submitted the proposed final...more
Although U.S. law has broadly enabled the use of electronic signatures since 2000, many companies have not fully adopted the use of electronic signatures across their operations. That resistance to the use of electronic...more
The alarm bells have been sounding about location tracking, and the state legislatures have been responding. Perhaps the loudest ringing in 2020 is from the Washington Privacy Act, the Senate and House versions of which are...more
It’s us again, back with more operationally-focused pointers on the California Consumer Privacy Act (“CCPA”) now that the music has stopped once more and everybody is looking for a place to sit. On Friday February 7th, the...more
On January 21, 2020, Kilpatrick Townsend attorneys Vita Zeltser and John Brigagliano presented a webinar on U.S. biometric data privacy, as a part of Kilpatrick’s regular Retail and Consumer Goods webinar series. The...more
Biometric technology – technology that identifies individuals based on measurements of their biological characteristics, such as facial geometry, voiceprints, or fingerprints – has become a ubiquitous part of the consumer...more
On October 17, 2019, Kilpatrick Townsend attorneys John Brigagliano and Vita Zeltser and Delta Air Lines Assistant General Counsel Jonathan Ware participated in a panel discussion on biometric data privacy, and discussed...more
On October 17, 2019, Kilpatrick Townsend attorneys John Brigagliano and Vita Zeltser and Delta Air Lines Assistant General Counsel Jonathan Ware participated in a panel discussion on biometric data privacy, and discussed...more
On Friday, September 13th, the California legislature passed several amendments to the California Consumer Privacy Act (“CCPA”), and created a new "data broker" registration law that deserves its own blog post and heightened...more
Don’t worry about the new Nevada privacy law, SB 220 signed by the Governor last month, unless you’re selling personal information to a data broker, said no law firm whatsoever in its legal alert. At best they bury the lead,...more
As brands increasingly use data management platforms or customer relationship management platforms to enhance sales, the California Consumer Privacy Act (“CCPA”) will significantly impact a brand’s data practices as the law...more
After almost four years of the largest and most ambitious effort in history to transform a nation with technology, India is looking ahead to protecting the data that it is generating. ...more
Attention all who collect fingerprints and other biometric information of Illinois residents: a private right of action is now available for a mere technical violation of the Illinois Biometric Information Privacy Act...more
2/12/2019
/ Actual Injuries ,
Amusement Parks ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Fingerprints ,
IL Supreme Court ,
Injunctive Relief ,
Liquidated Damages ,
Personally Identifiable Information
When you rub the magic lamp and are offered three wishes for your digital advertising program, how can you use those wishes to avoid €50,000,000 fines from the French CNIL?
Transparency: You need to disclose clearly the...more
On July 10, 2018, the Brazilian Federal Senate approved a General Data Protection Regulation (“Lei Geral de Proteção de Dados” or “LGPD”). The bill, was largely inspired by the European General Data Protection Regulation...more