A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
An Ounce of Prevention: Keys to Understanding and Preventing AI and Cybersecurity Risks
Calculating eDiscovery Costs: Tips from Brett Burney
State AG Pulse | Content moderation vs. free expression
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Navigating the Digital Frontier: Employee Privacy Rights and Legal Obligations in the Modern Workplace
DE Under 3: OMB Announced Finalized Overhaul to Federal Race & Ethnicity Data Collection Standards
Embracing Data Privacy to Drive Business Growth: On Record PR
Work This Way: A Labor & Employment Law Podcast - Episode 6: Digital Forensics & Protecting Trade Secrets with Clark Walton
PODCAST: Williams Mullen's Trending Now: An IP Podcast - U.S. State Data Privacy Update
Managing Large Scale Review Efficiency: Tips From a GC
AD Nauseam – Children, They are Indeed Our Future – COPPA Developments
1071 Rule Status — The Consumer Finance Podcast
Data Dividend: What is Personal Data Worth?
The Great Link Debate and the Future of Cloud Collaboration
RegFi Episode 9: Consumer Data Collection and Usage with Eric Ellman
On 7 March 2024, the Court of Justice of the European Union issued a ruling (C-604/22 | IAB Europe) clarifying the concepts of personal data and controller in the context of the use of a Transparency and Consent Framework...more
European Parliament Approves EU AI Act - On March 13, 2024, the European Parliament approved the EU Artificial Intelligence Act (“AI Act”). A first of its kind legal framework for AI, the AI Act has extraterritorial effect,...more
In joined Cases C‑26/22 and C‑64/22, related to the German Credit Reference Agency Schufa (see A&O blog on the automated decision making case), the CJEU considered the retention of personal data regarding individuals who had...more
ust over a year ago, on 21 April 2022, the seven economies (Canada, Japan, the Republic of Korea, the Philippines, Singapore, Taiwan, and the USA) participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border...more
As many employers will be aware, data subject access requests (DSARs) can take up a significant amount of business resources and are a common tactic used by disgruntled employees. A recent decision from the Court of Justice...more
The Court of Justice of the EU (CJEU)1 has held that the General Data Protection Regulation (GDPR) requires controllers to provide data subjects a "faithful reproduction" of their personal data, which takes into account the...more
On 4 May 2023, the European Court of Justice (CJEU) delivered its highly anticipated judgement in Österreichische Post (Case C-300/21) on a crucial issue: the extent to which data subjects affected by a breach of the GDPR...more
Under the European Union’s General Data Protection Regulation (GDPR), individual data subjects have the right to request that the data controller share information regarding the data subject’s personal information...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
Expect another year of regulatory ambiguity for international data privacy laws in 2023, as the European Commission reviews the EU-US Data Privacy Framework. European Union courts indicate increased scrutiny for behavioral...more
The Data Protection Authority (“DPA”) of the German state Hamburg is one of the first European DPA to publish an optimistic assessment on the U.S. Executive Order on “Enhancing Safeguards for United States Signals...more
FTC Chair Lina Khan Questions Current Data Collection Practices by Private Industry at IAPP Global Privacy Summit, Suggests New Rulemaking May Be Necessary - In her first major privacy address since taking the helm of the...more
On March 25, 2022, the European Union (EU) announced that the United States and the EU had reached an agreement in principle to replace the EU-U.S Privacy Shield framework, which the European Court of Justice (CJEU) struck...more
In July 2020 the Court of Justice the European Union’s (CJEU) Schrems II decision declared the EU-US Privacy Shield Protections inadequate for the protection of European data. On November 10, 2020, the European Data...more
United Kingdom, French and Belgian national security laws (and such laws of other EU Member States) fell under the scrutiny of the Court of Justice of the European Union (CJEU), which on October 6, 2020, ruled on whether such...more
Website and app operators are jointly liable with Facebook for violations of European data protection law - In its judgment of 29 July 2019 (ref.C-40/17), the European Court of Justice has ruled on two essential points...more
Parties in the US are allowed broad and liberal discovery of electronically stored information (ESI) relevant and proportional to the claims and defenses in a legal action. When a US-based litigant seeks ESI stored in other...more
On October 6, 2020, the Court of Justice of the European Union (the “Court”) ruled that principles of EU law prevent Member States from requiring a provider of electronic communications services to indiscriminately retain...more
Generally, contact tracing refers to an effort by public health officials to identify individuals with whom a patient who has tested positive for an infectious disease has been in close proximity. Public health officials will...more
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
There is a lot currently happening in the European Union. From the latest European Court opinions with respect to merger clearance, dominance violations, data protection and state aid to Brexit, we’re checking in with our...more
On July 16, 2020, the Court of Justice of the European Union (CJEU) issued its anxiously-awaited judgment in the Schrems II case. The CJEU’s decision upheld the Standard Contractual Clauses (SCCs) but, somewhat surprisingly,...more
The Court of Justice of the European Union (CJEU) Invalidates the EU-U.S. Privacy Shield- On July 16, 2020, the CJEU invalidated the EU-U.S. Privacy Shield (the Privacy Shield) in its decision in Facebook Ireland v. Schrems...more
The legal requirements for the use of cookies have been subject to discussion over the last few years, with little to no enforcement and guidance from European data protection authorities (DPAs). That has changed recently....more
The Spanish supervisory authority agencia española protección datos (“Supervisory Authority”) has issued a fine against an airline based on their use of a cookie banner, which the Supervisory Authority considered not to be...more