How Startups Can Comply With Ever-Changing Privacy Laws
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
An Overview of the 2014 Class Action Survey
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
Over the last few years, 71% of countries have enacted data protection laws, reflecting the global emphasis on data privacy across industries. For businesses operating internationally, complying with diverse data privacy...more
Las compañías que hacen negocios en México deben revisar las políticas y prácticas pertinentes para asegurarse de que se alinean al marco integral de privacidad de datos del país. Específicamente, querrá evaluar sus avisos de...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more
In this episode, AGG’s Food & Drug team leader, Alan G. Minsk, and co-chair of AGG's Data Privacy practice, Kevin L. Coy, discuss U.S. and international privacy and data security law issues life sciences companies may...more
With the UK now unambiguously out of the EU, the EU General Data Protection Regulation (2016/679) (“EU GDPR”) has been replaced by the United Kingdom General Data Protection Regulation (“UK GDPR”). In this third instalment of...more
Why does this topic matter to organisations? EU data protection law provides data subjects with a wide array of rights that can be enforced against organisations that process personal data. These rights may limit the...more
Privacy Shield participants must update their privacy notices by March 29, 2019 (if the UK crashes out of the EU then with no deal) to continue to rely on the Privacy Shield for UK to US transfers post-Brexit. Privacy Shield...more
Data protection laws in Europe evolved substantially in 2018, with the implementation of the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS Directive) becoming...more
Over the course of 2018, the FTC brought several actions against US companies for violations of the Privacy Shield program. The program, which as we have reported on previously gives participating US companies a mechanism to...more
If you have ever made an online purchase, chances are that you have received at least one email in the last month notifying you that a company’s privacy policy has changed. ...more
In the context of enforcement of the European General Data Protection Regulation (“GDPR) on May 25, 2018, charitable organizations have showed an increased concern as to whether the GDPR applies to them, and what being...more
After ten hours of Congressional testimony, one thing is clear – there is growing bipartisan concern over data privacy and data protection in the US. In the wake of so many recent data breaches, and now the data harvesting...more
We’ve discussed privacy compliance with regulations, legal requirements, etc. in the space since this blog’s inception. “Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks...more
Privacy laws in Asia-Pacific countries such as Japan, Australia, New Zealand and Singapore restrict the export of personal information except when the exporter meets certain qualifying conditions. One qualifying condition is...more
Privacy Shield – An Early Reflection - EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more
On October 19, the US Department of Commerce and the Personal Information Protection Commission of Japan announced their commitment to expand the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR)...more
The annual conference of the world’s data protection regulators is a three day exercise, with half of the conference being “closed door” for the regulators only, and the other half being a series of side meetings and...more
In this edition of our Privacy & Cybersecurity Update, we discuss what companies need to know in the wake of the EU Court of Justice's rejection of the U.S.-EU Safe Harbor framework and take a look at the following important...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
The CJEU’s Decision on Safe Harbor and its Effects on US Technology Companies - On October 6, 2015, the Court of Justice of the European Union (“CJEU”), the European Union’s highest court, issued a groundbreaking...more
The European Court of Justice (ECJ) has struck down the 15-year-old “Safe Harbor” agreement that permitted companies operating in Europe to transmit personal user data to the United States, as long as the U.S. ensures an...more
Europe’s top court ruled that U.S. companies relying upon the “Safe Harbor Framework” data sharing regime to maintain information regarding EU citizens is “invalid.” This means that any company relying upon the Safe Harbor...more
1. CJEU finds Safe Harbor Invalid - In a landmark ruling delivered today, Europe's highest court, the Court of Justice of the European Union (CJEU) declared that the EU Commission's US - EU Safe Harbour regime is...more