News & Analysis as of

Compliance Data Privacy Personal Data

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Mayer Brown

Hong Kong Privacy Commissioner for Personal Data Completes Compliance Checks on the Use of AI and Data Privacy

Mayer Brown on

INTRODUCTION - Artificial intelligence ("AI") has rapidly transitioned from experimental use to widespread adoption across Hong Kong. Organisations are now leveraging AI models to enhance customer service, improve risk...more

Proskauer - New Media & Technology

Oregon Strengthens Geolocation Data Privacy and Children’s Personal Data Protections, Adding to Compliance for Data Brokers and...

Proskauer - New Media & Technology on

On June 3, 2025, Oregon Governor Tina Kotek signed HB 2008 into law to amend the Oregon Consumer Privacy Act, the state’s comprehensive data privacy law. Among other items, effective January 1, 2026, the “sale” of two...more

Morrison & Foerster LLP

FTC Looks to Leverage PADFAA Enforcement to Help Limit Exposure of Consumer Data

Morrison & Foerster LLP on

In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more

Paul Hastings LLP

ICO Annual Report Provides Insight Into Data Protection Risks for Businesses

Paul Hastings LLP on

The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more

Dacheng

China Monthly Data Protection Update: July 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more

Mintz - Privacy & Cybersecurity Viewpoints

No More Warnings: Ignoring AG Costs $85,000

Mintz - Privacy & Cybersecurity Viewpoints on

Connecticut Attorney General William Tong recently announced the state’s first-ever enforcement settlement under the Connecticut Data Privacy Act (CTDPA) with TicketNetwork, Inc., an online ticket marketplace. The settlement...more

DLA Piper

CHINA: DPOs Must Be Registered Before 29 August 2025

DLA Piper on

While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more

Proskauer - Minding Your Business

DOJ Begins Enforcement of New Data Security Program

Proskauer - Minding Your Business on

On July 9, 2025, the Department of Justice (“DOJ”) commenced enforcement of its new Data Security Program (“DSP”) to prevent foreign adversaries from accessing sensitive U.S. data. Created earlier this year, the program seeks...more

Wiley Rein LLP

States Continue Privacy Law Enforcement Efforts

Wiley Rein LLP on

Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more

Constangy, Brooks, Smith & Prophete, LLP

New York’s unique Child Data Protection Act: Here’s everything you need to know

Constangy, Brooks, Smith & Prophete, LLP on

New York ‘s Child Data Protection Act, available here, took effect on June 20. This is a landmark piece of legislation designed to enhance the online privacy and safety of minors. As concerns over children’s digital...more

Skadden, Arps, Slate, Meagher & Flom LLP

Something Is Better Than Nothing: UK and EU GDPR Reform Finally Arrives

Skadden, Arps, Slate, Meagher & Flom LLP on

In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more

HaystackID

Operating in Flux: Doing Business Under Europe’s Intensifying Regulatory Environment

HaystackID on

Editor’s Note: Europe’s regulatory landscape has undergone a fundamental transformation, extending far beyond GDPR’s foundational framework to encompass a complex ecosystem of interconnected laws governing digital platforms,...more

Skadden, Arps, Slate, Meagher & Flom LLP

The European Health Data Space – What EU Health Care Providers and Data Holders Need To Know

Skadden, Arps, Slate, Meagher & Flom LLP on

- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more

Alston & Bird

Are You Ready for the Department of Justice’s Bulk Data Transfer Rule?

Alston & Bird on

On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of...more

Wiley Rein LLP

New Jersey Proposes New Privacy Rules That Would Impact Compliance

Wiley Rein LLP on

On June 2, the New Jersey Division of Consumer Affairs (Division) published proposed regulations to implement the New Jersey Data Privacy Act (NJDPA). Of note, these rules were proposed months after the NJDPA went into effect...more

Robinson+Cole Data Privacy + Security Insider

Clock Ticking: DOJ’s New Data Security Rule Requires Compliance by July 8

Robinson+Cole Data Privacy + Security Insider on

U.S. companies are running out of time to comply with a sweeping new Department of Justice (DOJ) rule that limits sharing sensitive personal data with certain foreign countries—including China, Russia, and Iran. With a hard...more

Baker Donelson

DOJ Bulk Data Rule: Key Takeaways for Healthcare and Life Sciences

Baker Donelson on

The Data Security Program (DSP), implemented by the Department of Justice's National Security Division (DOJ/NSD) under Executive Order 14117 (Preventing Access to Americans' Bulk Sensitive Personal Data and United States...more

McGlinchey Stafford

Montana Amends Consumer Data Privacy Act, Removes Financial Institution Exemption

McGlinchey Stafford on

On May 8, 2025, the governor of Montana signed into law SB 297, which amends the Montana Consumer Data Privacy Act (MCDPA). The amendments become effective on October 1, 2025. Among other things, SB 297: • amends the...more

Eversheds Sutherland (US) LLP

Navigating new compliance requirements for DOJ’s Bulk Data Rule

Eversheds Sutherland (US) LLP on

While the US federal government is largely scaling back its rulemaking and compliance efforts, one critical exception is where personal data and technology intersect with national security. Exemplifying this trend, on April...more

Perkins Coie

DOJ’s Bulk Personal Data Rule Becomes Effective–Resources for Compliance

Perkins Coie on

The new Department of Justice (DOJ) rule governing international transfers of Americans’ information, codified at 28 C.F.R. Part 202, became effective on April 8, 2025....more

ArentFox Schiff

Navigating the DOJ’s New Data Transfer Rule: Implications and Compliance Requirements

ArentFox Schiff on

On January 8, the US Department of Justice (DOJ) issued a final rule under Executive Order 14117, which established the Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern...more

Kelley Drye & Warren LLP

The Bulk Data Access Rule: What Advertisers Need to Know

Kelley Drye & Warren LLP on

On April 11, the Department of Justice issued an extensive set of FAQs on its Bulk Data Access Rule and advised that it ​“will not prioritize civil enforcement actions against any person for violations” of the Rule through...more

Amundsen Davis LLC

Is My U.S.-Based Company Subject to the GDPR? Clearing Up European Data Privacy Law Misinformation

Amundsen Davis LLC on

If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more

The Volkov Law Group

DOJ Issues Data Security Program Requirements (Part I of II)

The Volkov Law Group on

Many “good government” initiatives continue to be enacted or implemented on Capitol Hill or in the Executive Branch — notwithstanding changes in political control. While working on Capitol Hill, the bulk of the legislative...more

Tonkon Torp LLP

Consumer Privacy Laws Are Expanding Nationwide

Tonkon Torp LLP on

Businesses operating across the U.S. should pay close attention to the rapidly evolving consumer privacy landscape. To date, 20 states, including Oregon, have enacted comprehensive consumer privacy laws, with 14 already in...more

131 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide