Looking towards 2023, organizations should be mindful of the effective dates of several new state privacy laws in the U.S. Companies should review the new laws to evaluate their applicability and identify potential...more
9/16/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Popular ,
State Privacy Laws
The U.S. Legislature has proposed the first bipartisan comprehensive consumer data protection law, the American Data Privacy and Protection Act (ADPPA). If enacted, the United States would join over 100 countries and several...more
In recent years, the use of artificial intelligence (AI) has proliferated across industries. With the widespread adoption of this technology, many business decisions are now made in consultation with, if not reliance upon, AI...more
Google Analytics remains a hot topic for businesses and apparently also for data protection authorities (DPAs). With the advent of these new decisions and the new CNIL guidance, businesses have an even harder time justifying...more
The Consumer Financial Protection Bureau (the “CFPB” or the “Bureau”) extended its reach into the realm of data protection with a recent advisory opinion interpreting the “permissible purpose” provision of the Fair Credit...more
Quantum computing has the potential to drive economic growth and promote innovation across a range of industries such as manufacturing, supply chain optimization and logistics, molecular simulations and pharmaceuticals,...more
From building keycard records to detailed financial information, landlords, developers and property management companies have access to huge amounts of data, and U.S. regulators are starting to take note. A growing number of...more
6/23/2022
/ California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Federal Trade Commission (FTC) ,
Internet of Things ,
Popular ,
Property Management Companies ,
Real Estate Investments ,
State Privacy Laws
At a board meeting on June 8, 2022, the California Privacy Protection Agency (“CPPA”) voted unanimously to move forward with draft revised California Consumer Privacy Act (“CCPA”) regulations, beginning a formal rulemaking...more
After more than a year of negotiations the final text of Europe’s (EU) Digital Services Act (“DSA”) has been agreed upon by the EU Parliament, the French Presidency of the Council of the EU, and the European Commission (“EU...more
France’s data protection authority, the Commission Nationale de Informatique et des Libertés (“CNIL”), has issued one of its highest General Data Protection Regulation (“GDPR”) sanctions to-date against Dedalus Biologie SAS...more
The Cybersecurity and Infrastructure Security Agency (“CISA”) released a “Sharing Cyber Event Information” Fact Sheet on April 7 that may preview its implementation of the new federal government cyber incident reporting...more
The United States ("U.S.") and the European Commission ("EU Commission") recently announced an “agreement in principle” to develop a new Trans-Atlantic Data Privacy Framework (“Framework”). The Framework is intended to...more
Update: UK international data transfer agreement and UK addendum to the EU standard contractual clauses now in force In February, the Information Commissioner’s Office (“ICO”), the United Kingdom (UK) data protection...more
A “Kafkaesque” bank customer service experience in France has led to a “Right to be Forgotten” own-goal. Following a decision handed down by the judicial tribunal of Grenoble, France, on 7 February 2022, a French bank has...more
On March 10 2022, the UK Information Commissioner’s Office (ICO) handed down its first Monetary Penalty Notice in respect of a ransomware attack and data exfiltration incident under the UK General Data Protection Regulation...more
To help your company get its United States (U.S.) state privacy compliance program on the right track in 2022, Orrick's Cyber' Privacy & Data Innovation Group has analyzed the differences between key topics for the California...more
3/15/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Personal Information ,
State Privacy Laws
In February 2022, the United Kingdom (UK) Information Commissioner’s Office (“ICO”), along with the data protection authority (“DPA”) in the UK, published three new documents ("UK Documents") which update the UK's position on...more
Environmental, social, and governance (ESG) factors are increasingly a key area of focus for investors and stakeholders. Businesses today are expected to have policies and strategies focused on long-term value creation and to...more
We expect many of the trends of 2021 in health data privacy to continue to pick up steam this year. See below for six noteworthy trends that life sciences and healthcare companies should continue to keep an eye on in 2022: ...more
The California Privacy Rights Act (CPRA) became law on December 16, 2020, and amended the California Consumer Privacy Act (CCPA). When the CPRA becomes fully operative on January 1, 2023, these important changes, among...more
Significant developments in artificial intelligence, cybersecurity and consumer privacy occurred across the globe in 2021 with the anticipation of more activity in 2022. Our roundup for the year captures some of the major...more
Across the United States (U.S.), 2021 was a busy year for legislative and regulatory-related consumer privacy developments. Our roundup captures some of the major updates that occurred in states throughout the year. We will...more
On November 19, 2021, the European Data Protection Board (“EDPB”) issued draft guidance on the interplay between Article 3 of the General Data Protection Regulation (“GDPR”) and the provisions on international transfers...more
On June 7, 2021, the European Commission (Commission) published its long-awaited Implementing Decision adopting standard contractual clauses for the transfer of personal data to third countries referred to as the new Standard...more
Artificial Intelligence (AI) regulation is coming, and companies considering implementing AI or already utilizing AI should be prepared. Below are 10 steps that companies can take now to harness the benefits of AI in a fair...more
7/2/2021
/ Algorithms ,
Artificial Intelligence ,
Big Data ,
Code of Conduct ,
European Commission ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Machine Learning ,
Popular ,
Regulatory Requirements ,
Technology Sector