On November 27, the California Privacy Protection Agency (CPPA) released draft regulations on automated decision-making technologies (ADMT) pursuant to the Consumer Privacy Protection Act, as amended (CCPA). The proposed ADMT...more
Congress has repeatedly failed to pass comprehensive national data protection legislation, and the states are rapidly filling the void with laws that impose different requirements on a state-by-state basis.
Most of these...more
President Biden recently signed the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities and supporting regulations (collectively, the “Executive Order”), enhancing privacy and civil...more
10/18/2022
/ Corporate Counsel ,
Data Security ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Executive Orders ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Joe Biden ,
U.S. Commerce Department
Accurate and timely data is essential for successful Diversity, Equity and Inclusion Initiatives and other critically important programs, but when data collection activities collide with the GDPR risks may escalate. Here’s...more
5/16/2022
/ Data Collection ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Diversity ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Human Resources Professionals ,
International Data Transfers ,
Job Applicants ,
Sensitive Personal Information ,
Standard Contractual Clauses ,
UK
Summaries of recent legislative and regulatory developments with respect to:
•SEC’s 2022 Examination Priorities • Proposed Amendments to Form PF Requirements-
•Proposed New Rules Applicable to Private Fund Advisers and...more
5/5/2022
/ Anti-Money Laundering ,
Beneficial Owner ,
Broker-Dealer ,
CFTC ,
Commodity Trading Advisors (CTAs) ,
CPOs ,
Cryptocurrency ,
Cybersecurity ,
Department of Labor (DOL) ,
Digital Assets ,
Employee Retirement Income Security Act (ERISA) ,
Environmental Social & Governance (ESG) ,
Fiduciary Rule ,
Foreign Investment ,
General Data Protection Regulation (GDPR) ,
Investment Adviser ,
Investment Funds ,
NFA ,
Proxy Voting ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Threshold Requirements
U.S. state legislatures accelerated efforts in 2021 to fill the gap created by the absence of national data privacy legislation. California, Virginia, and Colorado passed or amended data protection laws, and the trend is...more
12/10/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Privacy ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Opt-Outs ,
Privacy Laws ,
Privacy Policy ,
Risk Assessment
Summaries of recent legislative and regulatory developments with respect to:
•The SEC’s Examination Priorities for 2021-
•The SEC’s Focus on Digital Asset Securities-
•The SEC’s New Marketing Rule... ...more
4/1/2021
/ Accredited Investors ,
Anti-Money Laundering ,
BEA ,
Broker-Dealer ,
CARES Act ,
CFIUS ,
Chief Compliance Officers ,
Client Funds ,
Common Reporting Standard (CRS) ,
Compliance ,
Coronavirus/COVID-19 ,
Department of Justice (DOJ) ,
Digital Assets ,
Disclosure ,
Employee Retirement Income Security Act (ERISA) ,
Environmental Social & Governance (ESG) ,
EU ,
Financial Fraud ,
Financial Industry Regulatory Authority (FINRA) ,
FinTech ,
Foreign Investment ,
Form CRS ,
General Data Protection Regulation (GDPR) ,
IARD ,
Investment Adviser ,
Investment Advisers Act of 1940 ,
Investment Portfolios ,
Net Operating Losses ,
Office of Foreign Assets Control (OFAC) ,
Recordkeeping Requirements ,
Registered Investment Advisors ,
Safe Harbors ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Tax Cuts and Jobs Act ,
U.S. Treasury ,
Unauthorized Transactions
On March 2, the Virginia Consumer Data Protection Act (VCDPA) was signed into law, becoming the second comprehensive state privacy law in the United States. The VCDPA reflects core principles from the California Consumer...more
3/9/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Privacy ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-In ,
Personal Data ,
Personal Information ,
Privacy Disclosures ,
Privacy Laws ,
Risk Assessment ,
Virginia
As we began exploring last week in Part I of our Post-Brexit, Schrems II, and the GDPR: Privacy Compliance Priorities in Early 2021 series, significant developments in late 2020 charted a course in privacy/cyber compliance...more
2/1/2021
/ DPA ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK ,
UK Brexit
On December 31, 2020, the Brexit transition period ended and the United Kingdom’s (UK) domestic implementation of the GDPR, the UK Data Protection Act 2018, as amended (UK GDPR), now governs the processing of personal data in...more
The Court of Justice of the European Union (CJEU) Invalidates the EU-U.S. Privacy Shield-
On July 16, 2020, the CJEU invalidated the EU-U.S. Privacy Shield (the Privacy Shield) in its decision in Facebook Ireland v. Schrems...more
7/17/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Court of Justice (ECJ) ,
General Data Protection Regulation (GDPR) ,
Standard Contractual Clauses ,
Surveillance ,
U.S. Commerce Department