Amy Pimentel

Amy Pimentel

McDermott Will & Emery

Contact
View Bio
RSS

Latest Posts › Personal Data

Share:

And We’re Back: New Jersey Kicks Off 2024 With New Consumer Privacy Law

On January 8, 2024, the New Jersey legislature passed the New Jersey Data Privacy Act (NJDPA). The bill, SB 332, will soon head to Governor Phil Murphy’s desk for signing. Assuming the bill is signed quickly, it will go into...more

1/11/2024  /  Consumer Protection Laws , Data Controller , Data Protection , Enforcement Actions , New Jersey , Personal Data , Privacy Laws , Sensitive Personal Information , State and Local Government , State Privacy Laws

New EU-US Data Privacy Framework: What Companies Need to Know

On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concluded that the United States does ensure an adequate level of protection for transferring...more

7/14/2023  /  Data Privacy , Data Protection , Data Security , EU , EU Data Protection Laws , EU-US Privacy Shield , European Commission , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data , SCC , Standard Contractual Clauses , US-EU Safe Harbor Framework

European Commission Begins Process for Adoption of US Adequacy Decision

Since Schrems II invalidated the US/EU Privacy Shield, the flow of personal data from the European Union to the United States has been subject to intense regulatory scrutiny. Companies transferring personal data to the United...more

12/15/2022  /  Data Protection , Data Transfers , EU , EU-US Privacy Shield , European Commission , European Data Protection Board (EDPB) , General Data Protection Regulation (GDPR) , Personal Data , Schrems I & Schrems II , Standard Contractual Clauses

State Privacy Patchwork Spreads with Signing of Colorado Privacy Act

On July 7, 2021, Colorado Governor Jared Polis signed the Colorado Privacy Act (CPA) into law, the latest in the recent wave of state privacy legislation but unlikely to be the last. The CPA will take effect July 1, 2023, six...more

7/12/2021  /  Colorado , Consumer Privacy Rights , Data Protection , Enforcement , Governor Polis , Liability , New Legislation , Personal Data , Privacy Laws , State Privacy Laws

Virginia Consumer Data Protection Act: A Growing Wave of Comprehensive State Privacy Laws

Virginia’s Consumer Data Protection Act (CDPA) is expected to be signed into law by Governor Ralph Northam and will be the second comprehensive state data privacy law in the United States after the California Consumer Privacy...more

2/24/2021  /  Business Entities , California Consumer Privacy Act (CCPA) , California Privacy Rights Act (CPRA) , Data Protection , Governor Northam , Health Insurance Portability and Accountability Act (HIPAA) , Personal Data , Privacy Laws , Proposed Legislation , Regulatory Oversight , State and Local Government , State Legislatures

[Event] CCPA Compliance: An Interactive Workshop - Multiple Dates/Locations, February 11th - 24th

Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more

1/16/2020  /  Automation Systems , Best Practices , California Consumer Privacy Act (CCPA) , Compliance , Consent , Consumer Privacy Rights , Continuing Legal Education , Cybersecurity , Data Collection , Data Management , Data Privacy , Data Protection , Data Security , Data Subject Access Requests , Data Subjects Rights , Discovery , Events , Information Security , Information Technology , Personal Data , Personally Identifiable Information , Privacy Laws , Regulatory Requirements , Risk Assessment , Vendor Contacts , Vendors

[Event] CCPA Compliance: An Interactive Workshop - Multiple Dates/Locations, Jan. 22nd - 30th

Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more

1/14/2020  /  Automation Systems , Best Practices , California Consumer Privacy Act (CCPA) , Compliance , Consent , Consumer Privacy Rights , Continuing Legal Education , Cybersecurity , Data Collection , Data Management , Data Privacy , Data Protection , Data Security , Data Subject Access Requests , Data Subjects Rights , Discovery , Events , Information Security , Information Technology , Personal Data , Personally Identifiable Information , Privacy Laws , Regulatory Requirements , Risk Assessment , Vendor Contacts , Vendors

A Sale, or Not a Sale? The Digital Advertising Debate

The California Consumer Privacy Act (CCPA) requires businesses who engage in “sales” of “personal information,” to offer consumers the right to opt out of such sales via a “Do Not Sell My Personal Information” link or button...more

1/9/2020  /  Advertising , California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Privacy , Data Transfers , Data Use Policies , Data-Sharing , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Policy , Third-Party Liability , Vendors

Proposed CCPA Regulations: The Attorney General's Expectations for Businesses Subject to the CCPA

On October 10, 2019, the California Attorney General released proposed regulations to implement the California Consumer Privacy Act (CCPA), including substantial new requirements not included in the CCPA. Here we offer a...more

10/15/2019  /  California Consumer Privacy Act (CCPA) , Compliance , Consumer Privacy Rights , Data Collection , Data Privacy , Data Protection , Notice Requirements , Personal Data , Personally Identifiable Information , Privacy Laws , Regulatory Requirements , State Attorneys General

Does GDPR Regulate My Research Studies in the United States?

The General Data Protection Regulation (GDPR) establishes protections for the privacy and security of personal data (Personal Data) about individuals in the European Union (EU) single market countries, and potentially affects...more

2/6/2018  /  Cybersecurity , EU , EU Data Protection Laws , Extraterritoriality Rules , General Data Protection Regulation (GDPR) , Personal Data , Popular

ECJ Confirms Dynamic IP Address May Constitute Personal Data But Can Be Logged to Combat Cyberattacks

On 19 October 2016, the European Court of Justice (ECJ) held (Case C-582/14 – Breyer v Federal Republic of Germany) that dynamic IP addresses may constitute personal data. The ECJ also held that a website operator may collect...more

11/1/2016  /  Cyber Attacks , Cybersecurity , EU , EU Data Protection Laws , European Court of Justice (ECJ) , General Data Protection Regulation (GDPR) , IP Addresses , Personal Data

The Privacy Shield: September 30, 2016, Deadline for Early Self-Certification Offers Compliance Opportunity and Risk

The European Commission recently determined that the Privacy Shield Framework is adequate to legitimize data transfers under EU law, providing a replacement for the Safe Harbor program. The Privacy Shield is designed to...more

8/31/2016  /  Binding Corporate Rules , Data Protection , EU , EU-US Privacy Shield , European Commission , European Court of Justice (ECJ) , General Data Protection Regulation (GDPR) , International Data Transfers , Model Clauses , Notice Requirements , Personal Data , Private Right of Action , Self-Certification , U.S. Commerce Department , US-EU Safe Harbor Framework

Safe Harbor Update: House Votes to Pass Judicial Redress Act

The Judicial Redress Act of 2015 (H.R. 1428) (Judicial Redress Act) is on its way to the U.S. Senate. On October 20th, the U.S. House of Representatives voted in favor of passage. The Judicial Redress Act extends...more

10/23/2015  /  Data Privacy , Data Protection , Data Protection Authority , Data Security , EU , EU Data Protection Laws , European Court of Justice (ECJ) , Information Sharing , International Data Transfers , Judicial Redress Act , Law Enforcement , Pending Legislation , Personal Data , Privacy Legislation , US-EU Safe Harbor Framework

Safe Harbor Update: Safe Harbor Sequel Coming Soon?

As we wrote on October 6, 2015, the Court of Justice of the European Union (CJEU) announced its invalidation of the U.S.-EU Safe Harbor program as a legally valid pathway for transferring personal data of European Union (EU)...more

10/20/2015  /  Article 29 Working Group , Binding Corporate Rules , Data Privacy , Data Protection Authority , Data Security , EU , EU Data Protection Laws , European Court of Justice (ECJ) , Informed Consent , International Data Transfers , Personal Data , SCC , Surveillance , US-EU Safe Harbor Framework , Vendors

Court of Justice of the European Union Says Safe Harbor Is No Longer Safe

On October 6, 2015, the Court of Justice of the European Union (CJEU) announced its determination that the U.S.-EU Safe Harbor program is no longer a “safe” (i.e., legally valid) means for transferring personal data of EU...more

10/7/2015  /  Binding Corporate Rules , Data Privacy , Data Protection Authority , Data Security , Edward Snowden , EU , EU Data Protection Laws , European Commission , European Court of Justice (ECJ) , Facebook , International Data Transfers , Judicial Redress Act , Personal Data , PRISM Program , SCC , Schrems I & Schrems II , Surveillance , US-EU Safe Harbor Framework
15 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide