The European Commission has published its new Standard Contractual Clauses (“SCCs”) for international transfers of personal data.
We have pulled out a few key questions and answers to address immediate issues...more
Any day now, Virginia will likely become the second state, behind California, to adopt a GDPR-inspired comprehensive data protection law for Virginia residents....more
2/16/2021
/ California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Information Governance ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Regulatory Agenda ,
Sensitive Personal Information ,
State and Local Government
As we bid farewell to 2020 and look toward the uncharted territory of 2021, it is hard not to take inventory of all that has changed in such a short period. No one at the beginning of 2020 would have predicted what transpired...more
1/26/2021
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Communications Decency Act ,
Contact Tracing ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
DMCA ,
Employee Monitoring ,
FERPA ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Personally Identifiable Information ,
Ransomware ,
Van Buren v United States
On November 10, the European Data Protection Board (“EDPB”) released its “Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data” (the...more
11/17/2020
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
What Happened?
On October 1, 2020, the Hamburg Data Protection Commissioner (“Hamburg DPA”) fined clothing retailer H&M 37.8 million dollars (EURO 35.2 million) for several violations of the GDPR....more
10/14/2020
/ Data Breach ,
Data Collection ,
Data Management ,
Data Protection ,
Data Retention ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
H&M ,
Personal Data ,
Retailers
What Happened?
On October 1, 2020, the Hamburg Data Protection Commissioner (“Hamburg DPA”) fined clothing retailer H&M 37.8 million dollars (EURO 35.2 million) for several violations of the GDPR....more
10/13/2020
/ Corporate Counsel ,
Data Collection ,
Data Management ,
Data Protection ,
Data Retention ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
H&M ,
Personal Data ,
Retailers
As we continue our series on steps business owners should take to mitigate the risk of reopening, it is clear from the guidance that has been issued by several states that effective screening and contact tracing are issues...more
5/15/2020
/ California Consumer Privacy Act (CCPA) ,
Contact Tracing ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Privacy Concerns ,
Re-Opening Guidelines ,
Screening Procedures
On May 29, 2019, Nevada Governor Steve Sisolak signed into law Senate Bill 220 (SB 220), which allows a Nevada consumer to “opt-out” of the sale of his or her personal information to a third party. ...more
6/6/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Protection Laws ,
Data Collection ,
Data-Sharing ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
State and Local Government ,
State Data Breach Notification Statutes ,
Third Party Purchaser (TPP)
Does the General Data Protection Regulation (GDPR) allow employers to undertake routine criminal record checks on staff? As with many things GDPR, the answer is more complicated than one would expect....more
12/20/2018
/ Corporate Counsel ,
Criminal Background Checks ,
Employment Discrimination ,
General Data Protection Regulation (GDPR) ,
Hiring & Firing ,
Job Applicants ,
Member State ,
Personal Data ,
Screening Procedures ,
UK ,
Vetting
The European Data Protection Board (“EDPB”) recently released Guidelines 3/2018 on the territorial scope of the GDPR (Article 3). ...more
11/28/2018
/ Cybersecurity ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Guidance ,
Personal Data ,
Popular ,
Public Comment ,
Regulatory Oversight ,
Regulatory Requirements