By now, many of us are using AI, advising others about how to use AI, and waiting for some legislative miracle to give us some guardrails for what we can or cannot be doing with AI. A lot of effort has been put into tracking...more
10/11/2023
/ Argentina ,
Artificial Intelligence ,
Australia ,
Canada ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Ireland ,
Italy ,
Japan ,
Machine Learning ,
New Zealand ,
Norway ,
Popular ,
Regulatory Agenda ,
South Korea ,
Spain ,
UK
This update highlights some of the international data protection issues that caught our attention, and the attention of our clients, over the summer. Asia-Pacific - China’s Data Security Law and Personal Information...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
3/30/2021
/ Asia Pacific ,
CNIL ,
Cookies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Data Transfers ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Notice Requirements ,
Personal Data ,
Popular ,
Russia ,
South America ,
UK ,
Web Tracking
One decision, two far-reaching effects. This aptly describes the Supreme Court’s Jan. 21, 2020, decision to deny Facebook’s petition for certiorari in Patel v. Facebook....more
Over the past year, a host of new national, state and local laws have been introduced to regulate the collection and use of biometric information. Although these proposals vary in their requirements, certain elements appear...more
Imagine you are playing golf, badly, and at the fourth hole a caddy appears out of nowhere with a large box and an offer. In exchange for $20, you can open the box, which may contain high-tech clubs to improve your game,...more
The California Consumer Privacy Act (CCPA) is a comprehensive new consumer protection law set to take effect on January 1, 2020. In the wake of the CCPA’s passage, approximately 15 other states introduced their own CCPA-like...more
3/28/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Right to Delete
The use of wearable technology (colloquially known as “wearables”) has been on the radar of athletes, sponsors, sports teams and leagues for years, with the various constituencies carefully balancing the necessity for player...more
The Internet of Things (IoT) is rapidly changing the digital landscape for business. An increasing number of physical items – from refrigerators and televisions to cars and skyscrapers – are now connected to the Internet (and...more
On August 7, 2017, the Securities and Exchange Commission (SEC) released its latest cybersecurity risk alert, detailing findings from the examination of 75 broker-dealers, investment advisers and investment companies carried...more
8/17/2017
/ Broker-Dealer ,
Cybersecurity ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
Investment Adviser ,
OCIE ,
Popular ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Third-Party ,
Training
With the first compliance deadline now less than two months away, the New York Department of Financial Services (NYDFS) has provided additional clarity concerning its new Cybersecurity Requirements for Financial Services...more
In our 2017 BakerHostetler Data Security Incident Response Report, we addressed the increasingly ubiquitous scourge of ransomware, one of the fastest-growing types of malware causing data security incidents. We noted that...more
As noted in the 2017 BakerHostetler Data Security Incident Response Report, the enactment of the EU General Data Protection Regulation (GDPR) represents the most significant change in European data protection law in more than...more
On March 27, 2017, the Colorado Department of Regulatory Agencies proposed changes to the Colorado Securities Act that would impose new cybersecurity requirements on investment advisers and broker-dealers (the “Proposed...more
On February 16, 2017, the New York Department of Financial Services (NYDFS) announced the release of its finalized Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulation”), which will take...more
On January 6, the Federal Trade Commission (FTC) announced that it had filed a complaint against Taiwanese D-Link Corp. and its U.S. subsidiary, D-Link Systems Inc. (D-Link), alleging the company made deceptive claims about...more
The Data Protection Authority of Hamburg, Germany has made good on its promise to audit cross-Atlantic data transfers in the wake of the October 2015 Safe Harbor decision. On June 6, the Hamburg DPA announced that it had...more
On April 13, 2016, the Article 29 Working Party (WP29), an influential group of European data protection authorities, issued a non-binding opinion that criticized certain elements of the fledgling Privacy Shield framework....more
5/11/2016
/ Article 29 Working Party (WP29) ,
Binding Arbitration ,
Criminal Procedure ,
Data Processors ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Judicial Redress Act ,
Ombudsman ,
Opt-Outs ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
Every tax season is plagued with scams to defraud individuals and companies for money from tax returns. However, this year has started off with a bang and this means that the healthcare industry has another reason to worry....more
3/14/2016
/ Data Breach ,
Email ,
Hackers ,
Health Care Providers ,
Identity Theft ,
IRS ,
Phishing Scams ,
Popular ,
Spoofing ,
Tax Fraud ,
Tax Returns
As we discussed in our blog post last week, on October 6, 2015, the Court of Justice of the European Union issued a judgment that invalidated the EU-U.S. Safe Harbor Framework. For the past 15 years, thousands of companies...more
10/13/2015
/ Binding Corporate Rules ,
Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
Judicial Redress Act ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Popular ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
SCC ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
The recent decision by the Court of Justice of the European Union (CJEU) invalidating the Safe Harbor framework for transfers of personal data from the EU to the US has caused tremendous concern among businesses. Join lawyers...more
As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more
7/28/2015
/ Biometric Information ,
Breach Notification Rule ,
Data Breach ,
Data Security ,
Driver's Licenses ,
Email ,
Health Insurance ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Identity Theft ,
Passwords ,
Personally Identifiable Information ,
Popular ,
Privacy Policy ,
Safe Harbors
The cross-use of mobile devices for personal and professional purposes, commonly referred to as “Bring Your Own Device” or “BYOD”, is a relatively recent phenomenon that has created a host of legal and practical challenges...more
On January 15, 2015, New York Attorney General Eric Schneiderman indicated that he plans to propose legislation to update New York’s information security laws, including by revising the definition of “private information”...more