"Monsters Inc." y el tratamiento de los datos
Introducing The Crypto Exchange Podcast
Episode #7 - It's All About Latency: The Future of Data Processing and Storage
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Compliance Perspectives: Regulatory Conflicts in Data Privacy Laws
Compliance Perspectives: Compliance, GDPR and Brexit
The CCPA for the Land Title Industry: Who Does the CCPA Apply To?
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
On September 4, 2025, the Court of Justice of the European Union (“CJEU”), delivered its judgment in European Data Protection Supervisor ("EDPS") v. Single Resolution Board ("SRB") (C-413/23 P). The decision clarifies two...more
We’re about one month away from the effective date of Maryland’s version of a state comprehensive privacy law--the Maryland Online Privacy Act (MODPA). Effective October 1, 2025, MODPA contains the now familiar comprehensive...more
You never think about breathing air. Most of the time, you’re not consciously moving your legs as you walk. You don’t have to remind yourself to blink every few seconds. For modern businesses, that’s what processing personal...more
Thailand's Personal Data Protection Committee (“PDPC”) has significantly intensified its enforcement of Thailand's Personal Data Protection Act B.E. 2562 (2019) (“PDPA”), announcing on 1 August 2025 eight new administrative...more
In a decision issued on 18 July 2025 against Google LLC, the Personal Data Protection Office (PDPO) has affirmed that the data protection compliance obligations under Ugandan law apply to all entities that handle the personal...more
The Italian Data Protection Authority’s recent decision provided guidance on the true meaning of personal data anonymization and the crucial distinction between the DPO as a monitor – not an executor. In a world driven by AI...more
Cloud-based HR systems have become standard for multinational businesses, driving efficiency but also increasing compliance and privacy risks. Indeed, a recent Workday case, which originated in Germany, has clarified the...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
The European Union took a big step last year towards regulating digital labor platforms – and member states will need to adopt the new directive before the end of 2026. The directive seeks to curb worker misclassification,...more
italiano: Privacy per Startup – I primi passi When launching a startup in Italy, it is critical to comply with the applicable data protection requirements. Failing to do so can lead to significant risks in terms of liability...more
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
The New Jersey Data Protection Act (NJDPA), N.J. Stat. § 56:8-166.4 et seq., will go into effect on January 15, 2025, as New Jersey joins eighteen other states with comprehensive data privacy laws. ...more
Recently, the European Data Protection Board (EDPB) adopted an opinion addressing key data protection concerns arising from the use of Artificial Intelligence (AI) models. The opinion specifically focuses on how GDPR...more
To round out this year’s series on new state consumer privacy laws, we are covering the statute passed by Kentucky earlier this year. Please also keep your eye out for our 2024 round-up article that will be published soon, as...more
On 17 December 2024, the European Data Protection Board (EDPB) adopted its opinion on certain data protection aspects related to the processing of personal data in the context of AI models (Opinion). The Opinion comes as a...more
On January 1, 2025, five states’ consumer privacy rights laws will go into effect. Is your business ready? Have you determined if these laws apply to your business?...more
On 14 November, and after many years of negotiations, Chile adopted a new Data Protection Act (la Ley que regula la protección y el tratamiento de los datos personales y crea la Agencia de protección de datos personales)....more
En este episodio de "A Lo Legal En Par Minutos", nuestro socio Edwin Cortés conversa con Anna Catalina Pérez, abogada del área corporativa, acerca del tratamiento de los datos en empresas colombianas. Utilizando el ejemplo de...more
Comprehensive consumer privacy laws continue to hit the desks of governors in states across the country, with nineteen state laws now on the books. Since we wrote our 2023 Round-Up on State Consumer Data Privacy Laws article...more
On September 24, 2024, the State Council released the Regulations on the Management of Network Data Security (《网络数据安全管理条例》) (“Regulations”). The Regulations focus on prominent issues related to Personal Information (PI),...more
New rules just took effect in Brazil regulating international data transfers, and employers doing business in the country must take note. Covered data processing agents – such as companies in Brazil that transfer data to...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more
Scope of the Regulation - On August 23, 2024, the Brazilian Data Protection Authority (ANPD) published Resolution CD/ANPD No. 19/2024 (the “Regulation”), which addresses international transfers of personal data....more