As our world has grown more connected and digitalized, and as smart, data-driven devices — including those that form the Internet of Things (IoT) — have become more prevalent, regulators have begun to reframe how they address...more
Maryland’s legislature passed consumer privacy bill SB 541 (the Maryland Online Data Privacy Act (MODPA)), putting it on track to become the nation’s 15th comprehensive state privacy law (if you count the Florida Digital Bill...more
The Biden Administration has issued an executive order to curtail access by China, Russia, and other countries of concern to Americans’ sensitive personal data. The Department of Justice and other agencies are tasked to take...more
Adding to the growing list of heightened privacy and data protection requirements imposed on consumer health data and other categories of sensitive personal data, the Washington Attorney General recently updated its guidance...more
The New Jersey Senate and Assembly passed consumer privacy bill S332/A1971. The bill now goes to Governor Phil Murphy for his signature. If signed, the law will become the 13th state to pass a broadly applicable privacy bill....more
The California Privacy Protection Agency’s proposal of new regulations for automated decisionmaking technology marks a significant step to govern how businesses may leverage those automated tools. The new framework focuses on...more
Momentum is growing for a federal privacy law in the United States. A bipartisan group of House and Senate leaders have released a discussion draft of a baseline consumer data protection legislation. The American Data...more
The California Privacy Protection Agency has released draft privacy regulations as part of its efforts to implement the California Privacy Rights Act. We describe five key observations in this client alert....more
Research and development, innovation, product and service improvement, AI design and deployment...these are key commercial drivers for the successful modern business. They also underpin technological, medicinal, and other...more
On July 19, California’s recently appointed Attorney General, Rob Bonta, launched an interactive tool to aid consumers with drafting notices of noncompliance for businesses who fail to publish the “Do Not Sell My Personal...more
The Governor of Colorado signed the Colorado Privacy Act (CPA) on July 7, 2021, making it the third state in the United States to enact broad consumer privacy legislation. Building on now-familiar concepts from the California...more
After the passage of the Colorado Privacy Act earlier this month, businesses that operate across the U.S. are now confronted with the challenge of developing privacy compliance programs for three new privacy laws by 2023 ...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more
6/4/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Department of Homeland Security (DHS) ,
Hackers ,
Information Technology ,
National Security ,
Oil & Gas ,
Pipelines ,
Popular ,
Ransomware ,
Supply Chain ,
Threat Management
What is Living Mobility? It is easier to say what it is not. The automotive industry is no longer focused on the traditional vehicle. Not only are the vehicles changing but we are now focused on mobility: different modes of...more
4/14/2021
/ Artificial Intelligence ,
Automation Systems ,
Automotive Industry ,
Blockchain ,
Connected Cars ,
Data Protection ,
Driverless Cars ,
Drones ,
Infrastructure ,
Innovative Technology ,
Motor Vehicles
Virginia is on track to be the second U.S. state to enact comprehensive consumer privacy legislation. Both the Virginia House of Delegates and the Virginia Senate have passed nearly identical versions of the Consumer Data...more
2/10/2021
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
Risk Management ,
State and Local Government
It’s official. The California Privacy Rights Act (CPRA) has received enough valid signatures to appear on the November 2020 ballot. And if polling from late last year remains accurate, California voters are likely to approve...more
6/26/2020
/ Ballot Measures ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Legislative Agendas ,
Personally Identifiable Information ,
State and Local Government
On June 1, The California Attorney General (CA AG) submitted the final text of the CCPA regulations to the California Office of Administrative Law (OAL) for approval. ...more
6/2/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
Businesses spent the latter months of 2019 working hard to prepare for the January 1, 2020 implementation of the California Consumer Privacy Act (CCPA). ...more
5/7/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
On March 11, The California Attorney General (CA AG) released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act (CCPA)....more
3/13/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Digital Service Providers ,
Information Governance ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Right to Delete ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
On Friday, February 7, 2020, the California Attorney General (CA AG) released notice of changes to the California Consumer Privacy Act (CCPA) draft regulations. Initial draft regulations were published for public comment on...more
2/10/2020
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
Washington State is already shaping up as a center of state privacy legislation for 2020.
Last year, SB 5376 (also known as the Washington Privacy Act, or WPA) gained significant traction in the legislature, passing the...more
1/14/2020
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Proposed Legislation ,
Right to Delete ,
State and Local Government
On October 17, 2019, the Hogan Lovells Privacy and Cybersecurity team discussed key elements of the California Attorney General’s proposed regulations implementing certain provisions of the California Consumer Privacy Act...more
11/5/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Deletion ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Right to Delete ,
Rulemaking Process ,
State and Local Government
Whilst political uncertainty may have businesses’ attention fixed, the Hogan Lovells Global Survey on Digital Regulation: ‘A Turning Point for Tech’ suggests that tech companies should be looking elsewhere. During yesterday’s...more
10/31/2019
/ 5G Network ,
Big Tech ,
Business Model ,
Competition ,
Copyright ,
Corporate Taxes ,
Cybersecurity ,
Data Protection ,
Digital Platforms ,
Enforcement Programs ,
EU ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Privacy Concerns ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Standards ,
United Arab Emirates (UAE)
On October 10, California Attorney General Xavier Becerra (CA AG) released proposed regulations to implement certain provisions of the California Consumer Privacy Act (CCPA). The CA AG also released a Notice of Proposed...more
10/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Information Sharing ,
Non-Discrimination Rules ,
NPRM ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
Since the California Consumer Privacy Act’s (CCPA) hasty passage in June last year and minor changes last September, the CCPA has vexed businesses working on compliance. Among many practical challenges, the CCPA often...more
9/25/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Legislative Agendas ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Agenda ,
Request For Information ,
Rulemaking Process ,
State and Local Government