Sports teams, leagues, agents and venues collecting personal information from athletes, fans and sponsors must comply with evolving privacy regulations. Here are key takeaways from a conversation Orrick recently hosted with...more
AI companies should familiarize themselves with trade secret law to safeguard their innovations. A company does not need to register a trade secret to invoke it in litigation, unlike other IP protections. Trade secrets can...more
The children’s privacy and online safety regulatory landscape is evolving quickly. To keep up, companies subject to U.K. law should understand their users, enhance safety features and conduct risk assessments, all while...more
We've really seen an explosion of AI laws at the state level in the last year. In 2024 alone, there have been over 600 bills proposed at the state level on AI.
This is really challenging for companies to keep on top of the...more
The U.S. Department of Housing and Urban Development (HUD) has issued new heightened cybersecurity incident notice requirements that take effect immediately. FHA-approved mortgagees are now required to notify HUD of any...more
If passed, the proposed American Privacy Rights Act would dramatically transform data privacy compliance obligations for companies operating in the United States. Shannon Yavorsky — head of Orrick’s global Cyber, Privacy &...more
5/2/2024
/ Covered Entities ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Financial Regulatory Reform ,
Financial Services Industry ,
Legislative Agendas ,
Privacy Laws ,
Proposed Legislation
Two laws take effect in Utah on May 1 that impose legal requirements on a broad range of generative AI uses. The laws: With the implementation of these laws, Utah becomes one of the first U.S. states to impose specific...more
Over 5,000 privacy professionals from around the world gathered in Washington, D.C. this month for the International Association of Privacy Professionals’ Global Privacy Summit 2024. The conference focused on debating the...more
Two leading U.S. legislators have unveiled a bipartisan plan to enact the first comprehensive federal data privacy law. The proposed American Privacy Rights Act (APRA) largely mirrors common themes in the patchwork of state...more
On February 28, 2024, President Biden issued Executive Order 14117, calling for new regulations to prohibit or restrict transactions that enable countries of concern to access sensitive U.S. personal and government data. The...more
New Jersey has become the first state to enact a comprehensive consumer privacy law in 2024.
The New Jersey Data Privacy Act will take effect January 15, 2025. The law draws inspiration from the comprehensive state consumer...more
California Gov. Gavin Newsom has signed a bill into law aimed at letting consumers delete their personal information in the hands of data brokers in California....more
On July 10, 2023, the European Commission formally approved the EU-U.S. Data Privacy Framework (“DPF"). You can view our brief video discussion about the DPF or read our initial update.
Companies that maintained their...more
This essential guide to the European Data Act is part of Orrick’s Cybersecurity & Privacy Compass Series. The Cybersecurity & Privacy Compass is your global guide to constant cybersecurity and privacy change.
In this guide,...more
Artificial Intelligence (AI) is transforming financial services, from underwriting and trading securities to customizing financial products and services. These innovative modeling techniques may enhance the accuracy of models...more
Europe is in the midst of a transformation of its regulatory strategy for digital technologies. The EU has passed or proposed a number of laws affecting digital service providers in a broad range of legal areas and sectors....more
In early October, the United States (“U.S.”) and European Union (“EU”) came one step closer to the much-awaited new EU-US Data Privacy Framework (the “Framework”), designed to facilitate transatlantic data flows between the...more
10/26/2022
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
After months of anticipation, the European Data Protection Board (EDPB) adopted new Guidelines on the calculation of administrative fines under the GDPR in May 2022. With the newly released Guidelines, the EDPB seeks to...more
Looking towards 2023, organizations should be mindful of the effective dates of several new state privacy laws in the U.S. Companies should review the new laws to evaluate their applicability and identify potential...more
9/16/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Popular ,
State Privacy Laws
The U.S. Legislature has proposed the first bipartisan comprehensive consumer data protection law, the American Data Privacy and Protection Act (ADPPA). If enacted, the United States would join over 100 countries and several...more
In recent years, the use of artificial intelligence (AI) has proliferated across industries. With the widespread adoption of this technology, many business decisions are now made in consultation with, if not reliance upon, AI...more
Google Analytics remains a hot topic for businesses and apparently also for data protection authorities (DPAs). With the advent of these new decisions and the new CNIL guidance, businesses have an even harder time justifying...more
Quantum computing has the potential to drive economic growth and promote innovation across a range of industries such as manufacturing, supply chain optimization and logistics, molecular simulations and pharmaceuticals,...more
From building keycard records to detailed financial information, landlords, developers and property management companies have access to huge amounts of data, and U.S. regulators are starting to take note. A growing number of...more
6/23/2022
/ California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Federal Trade Commission (FTC) ,
Internet of Things ,
Popular ,
Property Management Companies ,
Real Estate Investments ,
State Privacy Laws
France’s data protection authority, the Commission Nationale de Informatique et des Libertés (“CNIL”), has issued one of its highest General Data Protection Regulation (“GDPR”) sanctions to-date against Dedalus Biologie SAS...more