The European Commission approved a new adequacy decision on the EU-US Data Privacy Framework on July 10, 2023. The European Commission issued a press release, stating that "[T]he decision concludes that the United States...more
The California Superior Court ruled on June 30, 2023, that the California Privacy Protection Agency (CPPA) cannot begin enforcement of the California Privacy Rights Act of 2020 (CPRA) until March 29, 2024....more
On June 18, Texas Governor Greg Abbott signed into law the Texas Data Privacy and Securities Act (TDPSA). Substantive portions of the TDPSA, otherwise known as H.B. 4, are set to take effect on July 1, 2024, making Texas the...more
On May 28, the Texas legislature passed the Texas Data Privacy and Security Act (TDPSA), also known as H.B. 4. The TDPSA was sent to Governor Greg Abbott on May 30. If signed into law, the TDPSA will take effect on July 1,...more
Florida Health Information Storage Changes Taking Effect on July 1 -
Foreign Interests in the health care provider environment have generally meant ownership interests of persons from outside of the state in which the...more
On April 21, Montana and Tennessee passed comprehensive bills in their respective state legislatures. Montana and Tennessee now join Indiana and Iowa this year to enact comprehensive state privacy laws....more
Utah Is the First State to Limit Teens Under 18 From Social Media Access -
Utah Gov. Spencer Cox (R) signed two bills on March 23 (SB 152 and HB 311) prohibiting children under the age of 18 from using social media between...more
On March 31, 2023, the Italian Data Protection Authority (Garante per la protezione dei dati personali) announced that it is temporarily blocking the artificial intelligence software ChatGPT as a result of rising concerns...more
On March 30, 2023, the California Privacy Protection Agency (CPPA) announced that its rulemaking package to implement the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020...more
Iowa is now the sixth state in the U.S. to adopt a comprehensive privacy law that aims to give consumers more control over protecting their personal data.
Signed by Gov. Kim Reynolds (R) on Tuesday, Senate File 262 was...more
On February 24, the Cyberspace Administration of China (CAC) released the final version of the Standard Contract Clauses for Cross-Border Transfer of Personal Information (the SCCs) and the Measures for the SCCs (the...more
The California Privacy Protection Agency ("CPPA") Board unanimously voted 4-0 to finalize the proposed final California Privacy Rights Act ("CPRA") on February 3, 2022. The proposed final CPRA regulations were released on...more
Katten's Privacy, Data and Cybersecurity Quick Bytes is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe.
...more
Identity theft and cybercrime are now a multi-billion dollar industry causing severe harm to the individuals affected and the institutions we trust. In recognition of this unfortunate truth and Identity Theft Awareness Week,...more
On December 13, 2022, the European Commission published its draft adequacy decision recognizing the essential equivalence of U.S. data protection standards, laying the foundations for finalization of the European Union...more
Welcome to the inaugural issue of Katten’s Privacy, Data and Cybersecurity Quick Bytes. Each month, Quick Bytes will highlight the latest news and legal developments involving privacy, data and cybersecurity issues across the...more
New DOL Rule Enables Consideration of ESG Factors in Investing, Plus the SEC Continues its ESG Enforcement Push in the Absence of Final SEC Rules -
On November 22, the US Department of Labor (DOL) announced a final rule...more
12/14/2022
/ Block Trades ,
Crypto Exchanges ,
Cryptoassets ,
Cybersecurity ,
Data Protection ,
Department of Labor (DOL) ,
Environmental Social & Governance (ESG) ,
Financial Industry Regulatory Authority (FINRA) ,
Investment Adviser ,
Personal Data ,
Private Investment Funds ,
Securities and Exchange Commission (SEC) ,
UK
The New York Department of Financial Services (NYDFS) has published a proposal to amend its cybersecurity rules, which will require regulated companies to notify the NYDFS of a third-party cybersecurity incident within 72...more
The California Consumer Privacy Act (CCPA) is California's groundbreaking legislation that seeks to give California consumers certain rights over how a business handles "personal information" collected about its consumers. On...more
9/21/2022
/ B2B Organizations ,
B2B Transactions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Privacy Laws
As you may recall from our previous advisory, "The European Commission Implements New Standard Contractual Clauses", existing data sharing contracts that include the old standard contractual clauses ("SCCs") will only remain...more
Under the EU General Data Protection Regulation (EU GDPR) and the UK Data Protection Act 2018 (UK GDPR) (together the GDPR), even if an organisation is not established in the European Economic Area (EEA) or United Kingdom it...more
11/30/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
UK
On 12 November 2020, the European Commission (Commission) published a draft Implementing Decision on standard contractual clauses for the transfer of personal data to third countries pursuant to the EU General Data Protection...more
The end of the Brexit transition period is now upon us. Whilst the EU General Data Protection Regulation (EU GDPR) is retained in domestic law with minimal amendment, the so-called 'UK GDPR' has some key changes that...more
1/29/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Hackers ,
Personally Identifiable Information ,
Popular ,
UK ,
UK Brexit
The end of the Brexit transition period is upon us. As of 1 January 2021, the UK is a 'third country' under the EU General Data Protection Regulation (GDPR), though the transition period has been extended for up to six months...more
In the age of COVID-19, schools have had to quickly switch to virtual distance learning, which causes a variety of concerns over student privacy and cybersecurity. Katten’s multidisciplinary team of Privacy, Data,...more