In today’s data-driven sports industry, teams, leagues and sponsors increasingly rely on biometric and performance data to enhance player performance, prevent injuries and optimize contract negotiations. Such data collection...more
This is the second article in our two-part series on Cybersecurity in the Age of Industry 4.0, focusing on the legal implications and potential liabilities manufacturers face from cyberattacks, as well as practical...more
9/20/2024
/ California Privacy Rights Act (CPRA) ,
Class Action ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Duty of Care ,
Employee Training ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Intellectual Property Protection ,
Manufacturers ,
Noncompliance ,
Theft ,
Trade Secrets
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
9/25/2023
/ Artificial Intelligence ,
Automation Systems ,
Blockchain ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
DFARS ,
Employee Training ,
Energy Sector ,
FERC ,
General Data Protection Regulation (GDPR) ,
Healthcare ,
Internet of Things ,
Malware ,
Manufacturers ,
National Security ,
Pharmaceutical Industry ,
Popular ,
Social Engineering ,
State Sponsors of Cyberattacks ,
Supply Chain ,
Technology ,
Telecommunications ,
Transportation Industry ,
Vulnerability Assessments
The advent of new technology brings along with it the murkiness of how the American legal system will treat such technology. Before the rise of blockchain for instance, businesses were uncertain how courts would treat...more
10/8/2021
/ Blockchain ,
California Consumer Privacy Act (CCPA) ,
Confidentiality Policies ,
E-SIGN ,
Force Majeure Clause ,
General Data Protection Regulation (GDPR) ,
Governance Standards ,
Service Level Agreements ,
Smart Contracts ,
Supply Chain ,
Termination ,
UETA
The European Commission adopted new versions of the Standard Contractual Clauses (SCCs) on June 4, 2021. The new SCCs finally replace the original SCCs adopted under the 1998 European Data Protection Directive (DPD) and did...more
7/6/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK Data Protection Act
Earlier today, the European Commission approved and adopted a new version of the Standard Contractual Clauses (SCCs) that revises how data may be transferred by including additional privacy and legal safeguards. The remodeled...more
On November 12, 2020, the European Commission (“EC”) published a draft implementing decision on standard contractual clauses (“SCCs”) for the transfer of personal data to third countries pursuant to the General Data...more
12/7/2020
/ Cross-Border Transactions ,
Data Controller ,
Data Processors ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
As many organizations continue to struggle with the fallout from the July 2020 Schrems II decision from the European Court of Justice (“CJEU”), in November, the European Data Protection Board (“EDPB”) published two pieces of...more
12/2/2020
/ Audits ,
Data Transfers ,
Due Diligence ,
European Court of Justice (ECJ) ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
Executive Orders ,
FISA ,
General Data Protection Regulation (GDPR) ,
New Guidance ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
While the world anxiously awaited the results of the November 2020 U.S. federal elections, California silently passed California Proposition 24, the California Privacy Rights Act (CPRA). Labeled on the ballot simply as...more
11/13/2020
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Data Mapping ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Policies and Procedures ,
Safe Harbors ,
Sensitive Personal Information
On August 14, 2018, the Brazilian government approved the Brazilian General Data Protection Law, known as the Lei Geral de Proteção de Dados Pessoais (“LGPD”). Enforcement was set to begin on August 15, 2020 but then, due to...more
9/11/2020
/ Binding Corporate Rules ,
Brazil ,
Certifications ,
Coronavirus/COVID-19 ,
Data Protection ,
Data Protection Officers (DPOs) ,
Economic Sanctions ,
EU ,
General Data Protection Regulation (GDPR) ,
New Guidance ,
Noncompliance ,
Penalties ,
Personal Data
On July 16, 2020, the Court of Justice of the European Union (CJEU) issued its anxiously-awaited judgment in the Schrems II case. The CJEU’s decision upheld the Standard Contractual Clauses (SCCs) but, somewhat surprisingly,...more
7/21/2020
/ Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
Executive Orders ,
Federal Trade Commission (FTC) ,
FISA ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Safe Harbors ,
Standard Contractual Clauses
As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more
5/4/2020
/ CARES Act ,
Centers for Disease Control and Prevention (CDC) ,
Centers for Medicare & Medicaid Services (CMS) ,
Consumer Financial Protection Bureau (CFPB) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Popular ,
Safe Harbors ,
World Health Organization
Beginning with the California Online Privacy Protection Act (CalOPPA) in 2004, California has led the U.S. in adopting laws to protect the privacy of its residents. California continued this trend by enacting the California...more
Under the ePrivacy Directive, in conjunction with the GDPR, the use of nonessential cookies (e.g., advertising and analytics) requires an affirmative, opt-in consent.
Pre-ticked check boxes and other defaults that do not...more
10/15/2019
/ Consent ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
Data Subjects Rights ,
e-Privacy Directive ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Germany ,
Online Gaming ,
Opt-In ,
Personal Data
...On June 28, 2018, California passed AB 375, the California Consumer Privacy Act of 2018 (CCPA), which will become effective January 1, 2020. Introduced just a week earlier in an effort to defeat a much stricter...more
7/3/2018
/ Consumer Protection Laws ,
Cybersecurity ,
Data Collection ,
General Data Protection Regulation (GDPR) ,
Governor Brown ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Right to Be Forgotten ,
State and Local Government
The security breach announced by Equifax Inc. on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian...more
9/14/2017
/ Breach Notification Rule ,
Canada ,
Corporate Counsel ,
Credit Reporting Agencies ,
Cyber Attacks ,
Data Breach ,
Equifax ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Identity Theft ,
Incident Response Plans ,
Notice Requirements ,
Personally Identifiable Information ,
State Data Breach Notification Statutes ,
UK
On July 8, 2016, the Article 31 Committee, comprised of representatives of the European Union (EU) member states, voted to approve a revised Privacy Shield framework that is intended to replace the Safe Harbor framework...more
7/14/2016
/ Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Registration Requirement ,
Self-Certification ,
Standard Contractual Clauses ,
Surveillance ,
Third-Party ,
U.S. Commerce Department ,
UK ,
UK Brexit ,
US-EU Safe Harbor Framework
The European Union Article 29 Working Party (Article 29) issued an opinion on the proposed EU-U.S. Privacy Shield framework agreement (Privacy Shield) last month, stating that although the Privacy Shield was a “great step...more
5/3/2016
/ Article 29 Working Party (WP29) ,
Automotive Industry ,
Binding Corporate Rules ,
Data Collection ,
Data Processors ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Privacy Policy ,
Standard Contractual Clauses
The European Union Article 29 Working Party (Article 29) issued an opinion on the proposed EU-U.S. Privacy Shield framework agreement (Privacy Shield) last week, stating that although the Privacy Shield was a “great step...more
4/18/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Consent ,
Cyber Incident Reporting ,
Data Breach Plans ,
Data Retention ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Privacy Policy ,
Sarbanes-Oxley ,
Standard Contractual Clauses ,
Surveillance ,
US-EU Safe Harbor Framework
With the Article 29 Working Party’s position on the adequacy of the EU-U.S. Privacy Shield framework agreement (Privacy Shield) decision expected this week, U.S. businesses should be evaluating privacy options and preparing...more
4/12/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses ,
U.S. Commerce Department