In an Executive Order (EO) issued March 9, 2022, President Joseph Biden set out the guiding principles for US policy on digital assets and digital asset regulation, including US policy with respect to a US Central Bank...more
The Securities and Exchange Commission (SEC) has joined a host of other regulators in doubling down on efforts to protect against the rapidly intensifying cyber threats - with important implications for all SEC-registered...more
The EU-US Insurance Dialogue Project (“Project”) began in early 2012 as an initiative by the European Commission, the European Insurance and Occupational Pensions Authority (EIOPA), the Federal Insurance Office (FIO) of the...more
11/8/2021
/ Artificial Intelligence ,
Big Data ,
Cross-Border ,
Cyber Threats ,
Cybersecurity ,
EU ,
Insurance Industry ,
International Harmonization ,
NAIC ,
Popular ,
Regulatory Agenda ,
Technology Sector ,
Working Groups
On September 21, 2021, the US Department of the Treasury took actions in response to the increasing prevalence and severity of ransomware attacks in the United States and address the central role that virtual currency and...more
9/27/2021
/ Currency Exchange ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Digital Currency ,
Economic Sanctions ,
Enforcement Actions ,
Office of Foreign Assets Control (OFAC) ,
Ransomware ,
SDN List ,
U.S. Treasury ,
Virtual Currency
There are many similarities between the Colorado Privacy Act (ColoPA), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data privacy Act (VCDPA), and Europe’s GDPR,...more
7/15/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Controller ,
Data Deletion ,
Data Processors ,
Data Protection ,
Data Subjects Rights ,
Enforcement Authority ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Jurisdiction ,
Personal Data ,
Sensitive Personal Information ,
Standard Contractual Clauses ,
State Privacy Laws ,
Statutory Violations
On June 1, 2021, the Delaware Supreme Court affirmed the Court of Chancery’s decision to quash an administrative subpoena seeking extensive records in an unclaimed property audit of AT&T. The Delaware Department of Finance...more
On May 7, 2021, the US House of Representatives Task Force on Artificial Intelligence (AI) held a hearing on “Equitable Algorithms: How Human-Centered AI can Address Systemic Racism and Racial Justice in Housing and Financial...more
Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity regulatory and legal developments from the...more
3/11/2021
/ California Consumer Privacy Act (CCPA) ,
China ,
Coronavirus/COVID-19 ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Privacy ,
Data Security ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Hong Kong Monetary Authority (HKMA) ,
Popular ,
Schrems I & Schrems II ,
State Privacy Laws ,
Surveillance ,
Virus Testing
On March 2, 2021, Governor Northam signed the Virginia Consumer Data Protection Act (CDPA or the Act) making it the country’s second comprehensive data privacy legislation following California’s Consumer Protection Act of...more
3/5/2021
/ California Consumer Privacy Act (CCPA) ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Protection Acts ,
Enforcement Actions ,
General Data Protection Regulation (GDPR) ,
Governor Northam ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
State Data Privacy Laws
It was a tumultuous year for privacy and cybersecurity, and further uncertainty is all but guaranteed. The key to navigating this volatility, as 2020 proved, is to develop and maintain a proactive, agile and holistic data...more
2/10/2021
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cryptocurrency ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
NAIC ,
Popular
Many US companies will face the threat of increased unclaimed property exposure in 2021 as states and private litigants ramp up audits, litigation and legislative changes designed to increase payments to states. Although...more
The massive SolarWinds security breach, which affected not only the private sector, but federal, state and local governments, has caused some to question whether to share data with the government. On Friday, December 18, the...more
On November 3, 2020, California voters passed Proposition 24, the California Privacy Rights Act (CPRA), by approximately 56-44%. This act will amend and supersede the still recent California Consumer Privacy Act (CCPA), once...more
11/10/2020
/ Administrative Agencies ,
Amended Legislation ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Corporate Counsel ,
Cybersecurity ,
Enforcement Authority ,
Minors ,
New Legislation ,
Opt-Outs ,
Personal Information ,
Popular ,
Private Right of Action ,
Sensitive Personal Information
On August 14, 2020, the National Association of Insurance Commissioners (NAIC) adopted a set of principles that will guide the work of insurers and entities, including data providers, that play an active role in the lifecycle...more
If your company, like many other US insurance companies, has an EU or UK affiliate or parent, and you transfer personal data to the US, including employee data or even data of US persons, or if your trusted service providers...more
If you transfer personal data from the EU/UK to countries which lack a so-called “adequacy” determination, like the US or India, or if your trusted service providers do, the Schrems II European Court decision has seismic...more
8/6/2020
/ Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The long-running dispute between states and the business community over the expansive nature of unclaimed property audits has taken a new turn, with a Delaware state court quashing a subpoena served in the course of an audit...more
If you transfer data from the EU to the US, or if your trusted service providers do, the Schrems II European Court decision1 has seismic significance - even if you do not rely on Privacy Shield.
On July 16, 2020, the Court...more
7/29/2020
/ Binding Corporate Rules ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
On May 5, 2020, the NAIC’s Privacy Protections (D) Working Group met via conference call. The Working Group was formed on October 1, 2019, under the Market Regulation and Consumer Affairs (D) Committee on a referral from...more
In the scramble to come into compliance before the January 1, 2020 deadline, companies may have overlooked a key - and potentially costly - requirement in the California Attorney General draft regulations to the California...more
On February 10, 2020, the California Attorney General published revisions to the proposed regulations (Revised Regulations) to implement the California Consumer Privacy Act of 2018 (CCPA). The changes largely clarify and...more
Unclaimed property audits and compliance issues will continue to be a challenge for companies in a wide range of industries. States view escheat as an important source of revenue, and contingent fee auditors will do their...more
1/29/2020
/ Abandoned Property ,
Audits ,
Capital Estimation Tool ,
Department of Labor (DOL) ,
Due Process ,
Employee Retirement Income Security Act (ERISA) ,
Enforcement ,
Escheat ,
False Claims Act (FCA) ,
Individual Retirement Account (IRA) ,
Legislative Agendas ,
Look-Back Measurement Period ,
Pending Litigation ,
Required Minimum Distributions ,
SECURE Act ,
State and Local Government ,
State Attorneys General ,
Statute of Limitations ,
Unclaimed Property ,
Voluntary Disclosure
The National Association of Insurance Commissioners (NAIC) held its 2019 Fall National Meeting from December 7 through 10 in Austin, Texas. Notable developments from the Fall National Meeting include:
..Bermuda, Japan and...more
12/27/2019
/ Artificial Intelligence ,
Casualty Insurance ,
Flood Insurance ,
Innovation ,
Insurance Industry ,
Life Insurance ,
Liquidity ,
NAIC ,
Property Insurance ,
Regulatory Standards ,
Reinsurance ,
Stress Tests ,
Technology ,
Terrorism Insurance
With companies increasingly worried about what the California Attorney General, and private litigants, will do once the California Consumer Privacy Act comes into effect, they should not lose sight of what the Federal Trade...more
In the run-up to January 1, 2020, the California legislature and Attorney General are rushing to provide clarity to the California Consumer Privacy Act of 2018 (CCPA) - and businesses are rushing to interpret and implement...more
11/18/2019
/ Amended Legislation ,
Anti-Discrimination Policies ,
B2B Transactions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Brokers ,
Data Deletion ,
Data Privacy ,
Data Security ,
E-Commerce ,
Fair Credit Reporting Act (FCRA) ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Proposed Amendments ,
State Data Breach Notification Statutes ,
Subject Access Request (SAR)