Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
As the digital economy continues to thrive and remote work becomes increasingly mainstream, an “offshore model” of business operation has emerged. Under this model, companies may provide services to users in a given...more
The Belgian Data Protection Authority recently ruled that a Belgian government entity, FPS Finance, cannot transfer the personal data of “accidental Americans” to the IRS. According to the decision, the transfers needed to...more
President Donald Trump has taken office, and organizations can stay ahead of US policy changes and strategic shifts that may impact operations under the new presidential administration. McDermott’s cross-practice team, along...more
At first glance, the headline looks like a typo: The EU rules against the EU…for breaching EU data protection law?...more
The Federal Trade Commission recently settled complaints against two data brokers over their handling of consumers’ sensitive location information. The agency alleged that such practices constitute unfair practices. Under the...more
Verkada, a manufacturer and retailer of security cameras, has settled FTC accusations of lax security measures. The company sells its products to businesses, including schools and medical facilities. It markets its products...more
A US federal district court judge recently endorsed the broad investigative powers of the Internal Revenue Service (IRS) in United States v. Eaton Corp., No. 1:23-mc-00037, May 16, 2024 (N.D. Ohio). During its audit of...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
On March 22, 2024, nearly six months after the release of the “draft Provisions on Regulating and Promoting Cross-border Data Transfer” (the “Draft Rules”), the Cybersecurity Administration of China (the “CAC”) formally...more
China has passed provisions which relax the current cross-border data transfer mechanisms. This comes as welcome news to the international business community, especially those with the need to export data from China in the...more
On February 28, 2024, President Biden issued Executive Order 14117 on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (the EO). The EO empowers...more
On February 28, 2024, President Biden issued an Executive Order (EO) entitled, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern,” outlining a new...more
This month the EDPB shed light on the question of lead supervisory authorities. The issue arose in response to a question late last month from the French supervisory authority. Some background. As most international...more
As more and more states enact laws that mirror aspects of GDPR, and as companies begin to get used to the EU’s new standard contractual clauses, now may be a good opportunity for a refresh on data sharing agreements. As most...more
ARTIFICIAL INTELLIGENCE - What is the Privacy Impact of the White House AI Order for Businesses? Posted November 28, 2023 Biden’s sweeping AI Executive Order sought to have artificial intelligence used in accordance...more
From the expansion of “general privacy” laws in US states and concerns over cross-border data transfers, to global focus on artificial intelligence, surveillance and dark patterns, 2023 was a busy year. Our privacy team...more
On September 28, 2023, the Cyberspace Administration of China (CAC) published the draft Provisions on Regulating and Promoting Cross-Border Data Transfers (Draft Provisions). If adopted into law in their current form, the...more
Now that the EU has adopted its adequacy decision for the EU-US Data Privacy Framework (DPF), many companies are assessing whether participation makes sense. Participation by a US entity is a mechanism -but not the only...more
On July 10, 2023, the European Commission (EC) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF, or “Privacy Framework”), which establishes the Privacy Framework as an authorized mechanism...more
As those in the privacy world await the outcome of the EU-US privacy framework negotiations, the EDPB was in the news recently for a different mechanism for data transfers: Binding Corporate Rules. Namely, it adopted...more
If there has been any constant in the wave of privacy changes since the enactment of GDPR, it’s been the need to stay vigilant about the impacts of evolving regulations and enforcement globally. From changes to the California...more
The EU released its draft adequacy decision for the EU-US Data Privacy Framework, but all is not smooth sailing. As we wrote in October, the US developed the proposed new framework in response to the declared inadequacy of...more
It has been almost two years since the Privacy Shield was struck down as a valid data transfer mechanism in Schrems II. Many have been wondering “what’s next”? Will there be a replacement framework? When will that be...more
China’s Cybersecurity Law (the “Cybersecurity Law”) took effect on June 1, 2017. The Cybersecurity Law consists of 79 articles in total. According to Article 2 thereof, the Cybersecurity Law would apply to the construction,...more
Over the past few years, China has introduced a range of laws dealing with data privacy and cybersecurity. The most well-known is China's Cybersecurity Law, which came into effect in June 2017. With the recent passing of...more