Organizations whose mantra is “We just never delete anything” (i.e., organizations simply retaining all information indefinitely) are now facing headwinds, especially when the information contains personal information. As our...more
10/16/2024
/ Books & Records ,
California Consumer Privacy Act (CCPA) ,
CFTC ,
Data Preservation ,
Data Retention ,
Department of Justice (DOJ) ,
Electronic Communications ,
Electronically Stored Information ,
Enforcement Actions ,
Evidence ,
Federal Trade Commission (FTC) ,
Information Governance ,
Instant Messaging Apps ,
Investigations ,
Mobile Devices ,
Personal Information ,
Policies and Procedures ,
Recordkeeping Requirements ,
Regular Business Communications ,
Securities and Exchange Commission (SEC) ,
WeChat ,
WhatsApp
As we noted in our 2023 DSIR, there has been a flurry of activity within the information governance space, at home and abroad. This activity deserves further analysis, because while it seems from a distance that there are...more
8/31/2023
/ CNIL ,
Compliance ,
Data Protection Authority ,
Data Retention ,
EU ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Hungary ,
Information Commissioner's Office (ICO) ,
Information Governance ,
Italy ,
Privacy Laws ,
Regular Business Communications ,
State Privacy Laws ,
UK
Reconciling Recordkeeping Requirements Against the Prudence of Data Remediation -
As we have covered in previous alerts, the SEC and other regulators have intensified their scrutiny of the retention of electronic...more
In a March 3 speech at the ABA’s Annual National Institute on White Collar Crime, Kenneth Polite, chief of the DOJ’s Criminal Division, announced that the Criminal Division’s Evaluation of Corporate Compliance Programs (the...more
Our 2022 Data Security Incident Response Report discussed how businesses can be better positioned to meet the tight data breach notification deadlines now imposed in dozens of countries worldwide. In particular, we...more
7/15/2022
/ California Privacy Rights Act (CPRA) ,
Data Deletion ,
Data Management ,
Data Protection ,
Data Retention ,
Electronically Stored Information ,
General Data Protection Regulation (GDPR) ,
Legitimate Business Purpose ,
Personal Data ,
Regulatory Authority ,
Risk Mitigation
In some respects, 2013 seemed like a conversation between Vladimir and Estragon. Some commentators likened it to a simple, unified message that finally had E-Discovery practitioners, litigators in general, and affected...more