The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
X Agrees to Stop Processing EU Data to Train its Grok AI - Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more
Summary - In its judgement of 11 July 2024 (C-757/22), the European Court of Justice (‘ECJ’) ruled that the violation of a controller’s information obligations under Art. 12 and 13 GDPR, can be subject to a representative...more
Introduction - We have compiled the main differences between the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
On March 7, 2024, the European Court of Justice (CJEU) issued a landmark ruling on digital advertising and the concepts of personal data and joint controllership under the General Data Protection Regulation (GDPR)....more
On January 16, 2024, New Jersey became the first state to enact a comprehensive data privacy law in the new year, with Gov. Phil Murphy (D-NJ) signing the New Jersey Privacy Act (NJPA) (SB 332) into law. The New Jersey law...more
Following NOYB's filing of 101 complaints over continuous EU-U.S. data transfers by websites operators in the European Economic Area (EEA) in the post-Schrems II era, the Spanish Data Protection Agency (AEPD) issued its first...more
The European Council adopted the EU Data Act (the Act) on November 27, 2023, representing a major regulatory shift in cloud services and data processing. The Act’s objectives include ensuring fairness in the allocation of...more
A few weeks ago, on 24 September 2023, the Data Governance Act (Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance) (“DGA”) came into force. The DGA aims to...more
GDPR compliance can be tricky. Even if you summon the willpower to read through the law’s text, it can be tough to know where to start. As an alternative to pouring through the GDPR’s legalese, one way to establish a...more
The European Parliament and the Council of the European Union adopted the European Data Act on June 28 after lengthy negotiations. The Data Act creates a legal framework for a single European data market, and its key...more
Regulations governing the use of AI technologies are constantly evolving in countries around the world. A class action is currently underway in California against Microsoft and OpenAI. The action alleges various violations of...more
On June 8, 2023, the UK and the U.S. governments issued a joint statement announcing that they had committed in principle to the establishment of a “UK Extension to the Data Privacy Framework,” which would facilitate flows of...more
In Europe, recent advances in artificial intelligence (AI) have given rise to intense debate over how this technology should be regulated. Companies that have developed AI tools, or who are considering implementing AI, should...more
Generative AI (GenAI) has been at the top of the headlines lately, transforming fields as varied as journalism, marketing, and gaming, boosting productivity and profitability, and performing functions previously limited to...more
International data protection law has taken a lead from the lessons learned in Europe since the introduction of GDPR. What influence have they had in APAC?...more
Government scales back the proposed revocation of EU law bill and announces changes to the Working Time Regulations, TUPE and non-compete clauses - In previous editions of the Edit we reported on the proposals in The...more
The Court of Justice of the EU (CJEU)1 has held that the General Data Protection Regulation (GDPR) requires controllers to provide data subjects a "faithful reproduction" of their personal data, which takes into account the...more
California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020) and Related Regulations - 1798.100 General Duties of Businesses that Collect Personal Information - (a) A business that...more
In recent years, alongside the rapid development of the digital economy and the concomitant increase in data generation, collection, processing and monitoring in the People’s Republic of China (PRC or China), the Chinese...more
In light of the increasing number of enforcement incidents under the General Data Protection Regulation (GDPR), organisations active in the Health and Life Sciences sectors in the United Kingdom, the European Union (EU) and...more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
Report on Patient Privacy Volume 23, no 2 (February 2023) DCH Health Systems, based in Tuscaloosa, Ala., said it fired an employee in December after a routine privacy audit revealed evidence that the worker had accessed some...more
The article highlights the privacy concerns surrounding the use of cameras in monitoring public spaces and how these issues are particularly relevant in Europe, where privacy is a fundamental aspect of the legal culture. The...more