By now, many of us are using AI, advising others about how to use AI, and waiting for some legislative miracle to give us some guardrails for what we can or cannot be doing with AI. A lot of effort has been put into tracking...more
10/11/2023
/ Argentina ,
Artificial Intelligence ,
Australia ,
Canada ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Ireland ,
Italy ,
Japan ,
Machine Learning ,
New Zealand ,
Norway ,
Popular ,
Regulatory Agenda ,
South Korea ,
Spain ,
UK
This Update highlights some of the international data protection issues that caught our attention and the attention of our clients over the winter, including updates on European data transfers and cookie compliance,...more
3/15/2022
/ Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
International Data Transfers ,
Russia
This update highlights some of the international data protection issues that caught our attention, and the attention of our clients, over the summer. Asia-Pacific - China’s Data Security Law and Personal Information...more
On June 4, 2021, the European Union’s (EU) executive branch, the European Commission (EC), released their new Standard Contractual Clauses (SCCs) for compliant cross-border data transfers under the EU’s General Data...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
3/30/2021
/ Asia Pacific ,
CNIL ,
Cookies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Data Transfers ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Notice Requirements ,
Personal Data ,
Popular ,
Russia ,
South America ,
UK ,
Web Tracking
Last week, both the European Data Protection Board (EDPB) and the European Commission released highly anticipated draft documents offering guidance to organizations that engage in cross-border data transfers involving EU...more
With physical schools closed indefinitely, classrooms have moved online, either introducing or significantly expanding children’s use of virtual education technology and highlighting certain privacy concerns. Responding to...more
Much has been said about the scope of the California Consumer Privacy Act (CCPA) and the far-reaching implications the law will have on businesses throughout the United States. Although it is true that the territorial reach...more
As we reported in April, May and June, a number of potentially significant amendments to the California Consumer Privacy Act (CCPA) continue to make their way through the state legislative process. ...more
The California Consumer Privacy Act (CCPA) is a comprehensive new consumer protection law set to take effect on January 1, 2020. In the wake of the CCPA’s passage, approximately 15 other states introduced their own CCPA-like...more
3/28/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Right to Delete
The use of wearable technology (colloquially known as “wearables”) has been on the radar of athletes, sponsors, sports teams and leagues for years, with the various constituencies carefully balancing the necessity for player...more
This is the third webinar in our series addressing compliance priorities and questions raised by GDPR. Important issues continue to emerge.
Join our panelists, including the GDPR-seasoned general counsel of a global...more
We are pleased to present part two in our series addressing key compliance challenges and common questions concerning the European Union’s new General Data Protection Regulation (GDPR) which took effect May 25, 2018....more
The big push for GDPR compliance is over – or is it? Now that the GDPR has taken effect, organizations are facing the challenge of ongoing compliance with this sweeping regulation, trying to balance risk while reading...more
On April 18, 2018, the Canadian government published long-awaited Breach of Security Safeguards Regulations specifying the requirements for notifying the Office of the Privacy Commissioner and affected individuals of data...more
With only four months remaining until the EU General Data Protection Regulation takes effect on May 25, 2018, the European Commission has launched a new website offering guidance on requirements and implementation targeted at...more
On October 23, the Federal Trade Commission (FTC) released new guidance on how the Children’s Online Privacy Protection Act (COPPA) Rule may apply to audio recordings of children’s voices collected by websites and online...more
On August 7, 2017, the Securities and Exchange Commission (SEC) released its latest cybersecurity risk alert, detailing findings from the examination of 75 broker-dealers, investment advisers and investment companies carried...more
8/17/2017
/ Broker-Dealer ,
Cybersecurity ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
Investment Adviser ,
OCIE ,
Popular ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Third-Party ,
Training
Nevada recently became the latest state to pass a law requiring operators of websites and online services to post a public notice regarding their privacy practices. California was the first state to pass such a law in 2004,...more
With the first compliance deadline now less than two months away, the New York Department of Financial Services (NYDFS) has provided additional clarity concerning its new Cybersecurity Requirements for Financial Services...more
Effective July 23, 2017, Washington will join Illinois and Texas as the third U.S. state to impose statutory restrictions on how businesses collect, use, disclose and retain biometric information. House Bill 1493 applies to...more
As noted in the 2017 BakerHostetler Data Security Incident Response Report, the enactment of the EU General Data Protection Regulation (GDPR) represents the most significant change in European data protection law in more than...more
On March 27, 2017, the Colorado Department of Regulatory Agencies proposed changes to the Colorado Securities Act that would impose new cybersecurity requirements on investment advisers and broker-dealers (the “Proposed...more
On March 17, 2017, the Federal Trade Commission (FTC) announced that it had reached a $500,000 settlement with Upromise, a membership reward service aimed at families saving for college. The FTC had alleged that Upromise...more
On February 16, 2017, the New York Department of Financial Services (NYDFS) announced the release of its finalized Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulation”), which will take...more