Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
New Jersey officials recently released proposed privacy regulations that would create several new compliance obligations for businesses above and beyond what existing state law and many other state laws require, meaning you...more
The European Data Protection Board (EDPB), the independent EU body responsible for ensuring the consistent application of the EU General Data Protection Regulation (GDPR) across all EU member states, has kicked off its...more
2024 was a busy year for state consumer data privacy laws in the United States. Seven states enacted comprehensive data privacy statutes throughout the year, and laws enacted in 2023 went into effect in Montana, Florida,...more
On 14 November, and after many years of negotiations, Chile adopted a new Data Protection Act (la Ley que regula la protección y el tratamiento de los datos personales y crea la Agencia de protección de datos personales)....more
They say everything is bigger in Texas which includes big privacy protection. After the Texas Senate approved HB 4 — the Texas Data Privacy and Security Act (“TDPSA”), on June 18, 2023, Texas became the eleventh state to...more
On March 6, 2024, New Hampshire’s Governor signed Senate Bill 255, which establishes a consumer data privacy law for the state. The Granite State joins the myriad of state consumer data privacy laws. It is the second state in...more
On June 30, the Delaware legislature passed the Personal Data Privacy Act (“the Act”). The Act now moves to the Delaware Governor’s desk for consideration and, if signed into law, will make Delaware the seventh state this...more
Texas became the latest state to pass comprehensive consumer data privacy and security legislation when Governor Abbot signed the Texas Data Privacy and Security Act into law on June 18. It will require businesses to take...more
Montana and Tennessee are the latest states to pass data protection laws under a “controller” and “processor” model as 2023 is proving to be a year of Privacy and Security overhaul. With 2023 showing no signs of slowing...more
Keypoint: The Indiana legislature is the seventh state legislature to pass consumer data privacy legislation. On April 13, 2023, the Indiana legislature passed SB 5. The bill largely tracks the Virginia Consumer Data...more
The new year has already seen a flurry of state privacy law activity, with legislators in at least nine states (Indiana, Iowa, Kentucky, Massachusetts, Mississippi, New York, Oklahoma, Oregon, and Tennessee) proposing new...more
The Colorado attorney general’s office sent shockwaves throughout the privacy world on September 30, 2022, when it published its proposed Colorado Privacy Act (CPA) draft rules (Draft Rules). The Draft Rules are complex and...more
The Advocate General argues that organisations should provide individuals with information on the specific recipients of their personal data. Advocate General Giovanni Pitruzzella (AG) of the Court of Justice of the...more
Following a public consultation on an initial version released last January, the European Data Protection Board (“EDPB”) last month adopted a final version of its Guidelines on Examples regarding Personal Data Breach...more
It is well known that the EU GDPR (specifically, Chapter V) restricts transfers of personal data from the EU to a “third country” (i.e. a jurisdiction outside the EEA) or to an international organisation. But what is meant by...more
China’s long-awaited Personal Information Protection Law (PIPL), after two rounds of draft versions, was finally passed by the Standing Committee of the National People's Congress on August 20, 2021, with the law effective...more
Starting August 1, 2021, the Brazilian Data Protection Law (LGPD) will have some teeth. - The LGPD was enacted in August 2018, but its provisions were scheduled to take effect in three separate phases....more
Colorado passes its own omnibus state privacy law. Although there are overlaps with the California and Virginia privacy laws, the Colorado Privacy Act has its own distinctions and variations, namely a longer cure period and...more
On June 4, 2021, the European Commission adopted two new sets of standard contractual clauses (SCCs): one for data transfers from data controllers to data processors and one for data transfers from data exporters to data...more
Ending months of anxious speculation from privacy lawyers around the globe, the European Commission announced on Friday that it had adopted final versions of the new Standard Contractual Clauses (the “New SCCs”) for the...more
On June 4, 2021, the European Commission announced the definitive adoption and publication of revamped Standard Contractual Clauses (“SCCs”) for the transfer of personal data to third countries pursuant to the EU General Data...more
Following the coming into effect of the GDPR three years ago and in light of last year’s Schrems II decision, the European Commission has adopted a new set of Standard Contractual Clauses (SCCs) aimed at enabling lawful...more
On May 13th, New York State Senator Kevin Thomas, Chair of NY’s Consumer Protection Committee, reintroduced the New York Privacy Act (“NYPA”), a comprehensive consumer privacy law similar in kind to the California Consumer...more
Update: Like several other state privacy bills introduced this year, SB 893 died in chamber. Connecticut is the latest state to introduce consumer privacy legislation. If enacted, the Connecticut Act Concerning...more
Virginia Governor Ralph Northam signed the Consumer Data Protection Act (the “Act”) on March 2, 2021. The following are answers to some frequently asked questions about the Act and its impact on organizations doing business...more