What You Need To Know:
•The Texas Data Privacy and Security Act has broader jurisdiction than any other state data protection law and will regulate the data processing activities of thousands of companies for the first...more
6/21/2024
/ Big Tech ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Consumer Protection Laws ,
Data Privacy ,
Data Protection ,
Florida ,
New Legislation ,
Oregon ,
State Privacy Laws ,
Texas
U.S. Senate and House committee chairs took a decisive step toward enacting national data privacy legislation with the release (in draft) of the American Privacy Rights Act (APRA) on March 31. Sen. Maria Cantwell, D-Wash.,...more
4/11/2024
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Data Breach ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Privacy Framework ,
Privacy Laws ,
Proposed Legislation
On Jan. 1, the Corporate Transparency Act (CTA) went into effect, premised on the belief that illicit actors use corporate structures like shell companies and fronts to hide their identities and launder criminal proceeds...more
2/29/2024
/ Anti-Money Laundering ,
Beneficial Owner ,
Corporate Transparency Act ,
Cybersecurity ,
Data Protection ,
Data Security ,
Financial Crimes ,
FinCEN ,
Popular ,
Reporting Requirements ,
U.S. Treasury
The Corporate Transparency Act (CTA), which became effective on January 1, requires that U.S. and foreign companies authorized to do business in the U.S. (each, a Reporting Company) report specific personal information...more
On January 8, 2024, after multiple amendments, the New Jersey Legislature passed a comprehensive data protection bill (SB 332). Gov. Philip Murphy has 45 days to execute SB 332, making New Jersey the 13th state to adopt...more
1/15/2024
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Controller ,
Data Deletion ,
Data Protection ,
Financial Services Industry ,
Governor Murphy ,
New Jersey ,
Opt-Outs ,
Personal Data ,
State Data Privacy Laws
The Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies (the “Cybersecurity Rules”), which the Securities and Exchange Commission (SEC) had adopted earlier this year,...more
12/22/2023
/ Chief Information Security Officer (CISO) ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 8-K ,
Investment Company Act of 1940 ,
Popular ,
Publicly-Traded Companies ,
Reporting Requirements ,
Risk Management ,
Securities Act of 1933 ,
Securities and Exchange Commission (SEC)
On November 27, the California Privacy Protection Agency (CPPA) released draft regulations on automated decision-making technologies (ADMT) pursuant to the Consumer Privacy Protection Act, as amended (CCPA). The proposed ADMT...more
On October 30, 2023, President Joe Biden issued an Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (Order) that addresses the responsible use of artificial intelligence (AI)...more
Congress has repeatedly failed to pass comprehensive national data protection legislation, and the states are rapidly filling the void with laws that impose different requirements on a state-by-state basis.
Most of these...more
President Biden recently signed the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities and supporting regulations (collectively, the “Executive Order”), enhancing privacy and civil...more
10/18/2022
/ Corporate Counsel ,
Data Security ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Executive Orders ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Joe Biden ,
U.S. Commerce Department
Accurate and timely data is essential for successful Diversity, Equity and Inclusion Initiatives and other critically important programs, but when data collection activities collide with the GDPR risks may escalate. Here’s...more
5/16/2022
/ Data Collection ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Diversity ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Human Resources Professionals ,
International Data Transfers ,
Job Applicants ,
Sensitive Personal Information ,
Standard Contractual Clauses ,
UK
Summaries of recent legislative and regulatory developments with respect to:
•SEC’s 2022 Examination Priorities • Proposed Amendments to Form PF Requirements-
•Proposed New Rules Applicable to Private Fund Advisers and...more
5/5/2022
/ Anti-Money Laundering ,
Beneficial Owner ,
Broker-Dealer ,
CFTC ,
Commodity Trading Advisors (CTAs) ,
CPOs ,
Cryptocurrency ,
Cybersecurity ,
Department of Labor (DOL) ,
Digital Assets ,
Employee Retirement Income Security Act (ERISA) ,
Environmental Social & Governance (ESG) ,
Fiduciary Rule ,
Foreign Investment ,
General Data Protection Regulation (GDPR) ,
Investment Adviser ,
Investment Funds ,
NFA ,
Proxy Voting ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Threshold Requirements
A major software vulnerability (known as Log4j or Logshell) continues to have a major impact on many industries, causing insurance carriers and regulators to take notice. In the latest episode of Lowenstein Sandler’s...more
Despite the great strides companies have made to mitigate the risks associated with security breaches, including putting insurance in place to cover those risks, cyber criminals have remained two steps ahead, finding new and...more
1/20/2022
/ Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Fines ,
Insurance Claims ,
Penalties ,
Popular ,
Privacy Laws
U.S. state legislatures accelerated efforts in 2021 to fill the gap created by the absence of national data privacy legislation. California, Virginia, and Colorado passed or amended data protection laws, and the trend is...more
12/10/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Privacy ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Opt-Outs ,
Privacy Laws ,
Privacy Policy ,
Risk Assessment
Summaries of recent legislative and regulatory developments with respect to:
•The SEC’s Examination Priorities for 2021-
•The SEC’s Focus on Digital Asset Securities-
•The SEC’s New Marketing Rule... ...more
4/1/2021
/ Accredited Investors ,
Anti-Money Laundering ,
BEA ,
Broker-Dealer ,
CARES Act ,
CFIUS ,
Chief Compliance Officers ,
Client Funds ,
Common Reporting Standard (CRS) ,
Compliance ,
Coronavirus/COVID-19 ,
Department of Justice (DOJ) ,
Digital Assets ,
Disclosure ,
Employee Retirement Income Security Act (ERISA) ,
Environmental Social & Governance (ESG) ,
EU ,
Financial Fraud ,
Financial Industry Regulatory Authority (FINRA) ,
FinTech ,
Foreign Investment ,
Form CRS ,
General Data Protection Regulation (GDPR) ,
IARD ,
Investment Adviser ,
Investment Advisers Act of 1940 ,
Investment Portfolios ,
Net Operating Losses ,
Office of Foreign Assets Control (OFAC) ,
Recordkeeping Requirements ,
Registered Investment Advisors ,
Safe Harbors ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Tax Cuts and Jobs Act ,
U.S. Treasury ,
Unauthorized Transactions
On March 2, the Virginia Consumer Data Protection Act (VCDPA) was signed into law, becoming the second comprehensive state privacy law in the United States. The VCDPA reflects core principles from the California Consumer...more
3/9/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Privacy ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-In ,
Personal Data ,
Personal Information ,
Privacy Disclosures ,
Privacy Laws ,
Risk Assessment ,
Virginia
As we began exploring last week in Part I of our Post-Brexit, Schrems II, and the GDPR: Privacy Compliance Priorities in Early 2021 series, significant developments in late 2020 charted a course in privacy/cyber compliance...more
2/1/2021
/ DPA ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK ,
UK Brexit
On December 31, 2020, the Brexit transition period ended and the United Kingdom’s (UK) domestic implementation of the GDPR, the UK Data Protection Act 2018, as amended (UK GDPR), now governs the processing of personal data in...more
Signed into law in September 2020, AB 713 aimed to clarify certain exemptions from the California Consumer Privacy Protection Act (CCPA) in order to ease compliance challenges encountered by companies in life sciences,...more
Companies considering facial recognition technology must weigh benefits against possible civil rights and privacy risks-
The biometric data industry is growing rapidly, with the global facial recognition market alone...more
The Court of Justice of the European Union (CJEU) Invalidates the EU-U.S. Privacy Shield-
On July 16, 2020, the CJEU invalidated the EU-U.S. Privacy Shield (the Privacy Shield) in its decision in Facebook Ireland v. Schrems...more
7/17/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Court of Justice (ECJ) ,
General Data Protection Regulation (GDPR) ,
Standard Contractual Clauses ,
Surveillance ,
U.S. Commerce Department
As businesses and other organizations in the private sector cautiously open their doors in the wake of the pandemic, DCT enables more efficient tracing of infected employees and notification to those at-risk. DCT also offers...more
6/22/2020
/ Android ,
Apple ,
California ,
California Consumer Privacy Act (CCPA) ,
Contact Tracing ,
Coronavirus/COVID-19 ,
Data Protection ,
Google ,
Health Insurance Portability and Accountability Act (HIPAA) ,
iPhone ,
Mobile Apps ,
Sensitive Personal Information ,
State and Local Government ,
State Attorneys General ,
Virus Testing
Final CCPA Regulations Progress to Administrative Review On June 2, the Office of the California Attorney General (OAG) announced that it had submitted the Final Text of the Proposed Regulations under the California Consumer...more
6/3/2020
The COVID-19 pandemic has had a disparate effect on privacy regulators, with varying levels of enforcement advocated by different government entities; the California Attorney General, the U.S. Department of Health & Human...more
6/1/2020
/ Attorney General ,
California ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Contact Tracing ,
Coronavirus/COVID-19 ,
COVID-19 Consumer Data Protection Act ,
Cyber Attacks ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Emergency Management Plans ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
Global Workforce ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Malware ,
Personal Information ,
Phishing Scams ,
Popular ,
Privacy Acts ,
Proposed Legislation ,
Regulatory Standards ,
Scams ,
Sensitive Personal Information ,
State and Local Government ,
UK