AI has great capability to both harm and to protect in a cybersecurity context. As with the development of any new technology, the benefits provided through correct and successful use of AI are inevitably coupled with the...more
On July 10, 2023, the EU Commission approved the EU-U.S. Data Privacy Framework (“EU-US DPF”) as a valid transfer mechanism for sharing personal data from European Economic Area countries (those in the EU plus Iceland,...more
7/13/2023
/ Adequacy Requirement ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
Framework Agreement ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Norway ,
Popular ,
Self-Certification ,
Switzerland ,
UK
Where are you?
Your exact location is a tidbit of information that can infringe on your privacy. Knowing your location all the time can help someone map your life....more
3/9/2022
/ California Privacy Rights Act (CPRA) ,
Consumer Information ,
Data Collection ,
EU ,
Geolocation ,
Location Data ,
Location Privacy ,
Mobile Apps ,
Mobile Devices ,
Mobile Privacy ,
Privacy Concerns ,
Sensitive Personal Information ,
State Privacy Laws
Four years after GDPR was implemented, we are seeing the pillars of the internet business destroyed. Given two new EU decisions affecting the practical management of data, all companies collecting consumer data in the EU are...more
US policy makers struggle with the tension between protecting personal privacy and enabling law enforcement surveillance. We know that both are important, but at a certain point, prioritizing one priority shortchanges the...more
2/4/2022
/ Analytics ,
Biometric Information ,
EU ,
European Data Protection Board (EDPB) ,
Europol ,
Facial Recognition Technology ,
Law Enforcement ,
Personal Data ,
Privacy Concerns ,
Privacy Laws ,
Regulatory Agenda ,
State Privacy Laws ,
Surveillance
Why don’t our new privacy laws really protect our privacy? Are we going about this the wrong way?
The topic was raised in the recent Capital Forum of state and federal enforcement agencies by FTC Chair Lena Kahn, who...more
12/15/2021
/ Analytics ,
Artificial Intelligence ,
Big Tech ,
Data Privacy ,
Data Protection ,
EU ,
Federal Trade Commission (FTC) ,
Mobile Devices ,
Notice and Comment ,
Personal Data ,
Personal Information ,
Privacy Laws ,
Regulatory Oversight ,
Sensitive Personal Information ,
Smart Devices ,
Surveillance
Humans are working artificial intelligence programs (AI) into business, government and daily life. Like with any new tool or technology, we start to see the initial technology flaws the more we are exposed to it....more
Most biometric readings require your presence in the same space as the measuring tools. Facial recognition, retinal capture, fingerprints or hand geometry, even biomarked scents are measured in close physical proximity. The...more
Hell hath no fury like a bureaucracy scorned. Do you know a person who insists on having his own way all the time and who wants to control your relationships with others? I hope not, but many of us do....more
Private citizens have a right to remove significant falsehoods from the public record. The law of defamation clearly allows for retractions and damage payments if provable lies are published....more
8/25/2021
/ Damages ,
Defamation ,
EU ,
False Statements ,
First Amendment ,
Google ,
Objective Falsity ,
Personal Information ,
Photographs ,
Pornography ,
Privacy Laws ,
Public Figures ,
Right to Delete
Is more information always better?
If someone wants to limit the use of information, and others want to expose, discuss or publicize it, who wins?...more
7/13/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Data Collection ,
Data Deletion ,
Defamation Act ,
EU ,
FOIA ,
Google ,
Privacy Laws ,
Right to Be Forgotten ,
State Privacy Laws ,
Sunshine Laws
Top 3 Takeaways -
On Friday, June 4, 2021, the European Commission adopted two sets of standard contractual clauses, one for use between controllers and processors and one for the transfer of personal data to “third...more
Meet the Euro-crats who think that the European Union needs to behave more like Russia and China.
More like Nigeria, Kazakhstan, and Indonesia.
These leaders are pushing not just to punish U.S. firms for successfully...more
Some companies don’t seem to care about privacy compliance. They may not have the money to build a compliance regime. They may not believe in the laws or believe that the laws would ever be applied to them. They may just not...more
The world just received the newest pronouncement from the EU Court of Justice, in a decision known as Schrems II, and the legal opinion extends the data war declared on the United States in the first Schrems decision....more
8/12/2020
/ Contract Terms ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
International Data Transfers ,
National Security ,
Personal Data ,
Standard Contractual Clauses ,
UK Brexit
On August 1st, the Hamburg Commissioner for Data Protection and Freedom of Information announced that the Hamburg Data Protection Commission (HDPC) had opened an administrative procedure to prohibit Google from carrying out...more
Were the Beatles still recording today, they might have to add this verse to Taxman. As what will surely be the opening salvo in government efforts to find ways to recapture the value of the personal data upon which so much...more
A European privacy regulator has spoken on a key facet in its General Data Protection Regulation (GDPR) interpretation. The UK’s enforcement office apparently believes that an EU data subject cannot give consent to a...more
You may be paying for cyber insurance that will not cover the most significant cyber risks faced by your business.
Recent studies call into question whether a company can insure against the unprecedented huge fines for...more
9/20/2018
/ Corporate Counsel ,
Cyber Insurance ,
Cybersecurity ,
Data Protection ,
Data Security ,
EU ,
Extraterritoriality Rules ,
Fines ,
General Data Protection Regulation (GDPR) ,
Member State ,
Popular
We are on the cusp of a revolution. While wealth managers have used computers to streamline complex analysis and to simplify customer service, the next wave of computational tools is already upon us. Artificial intelligence...more
Throughout history, people have waged sectarian fights to protect their beliefs. The Europeans, sitting at a crossroads of two major religions charged with converting the unenlightened, have a particularly combative...more
8/16/2018
/ Cybersecurity ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular
The EU’s General Data Protection Regulation goes into effect on May 25, 2018. GDPR replaces the EU Data Protection Directive. GDPR can apply to US-based businesses even if they do not have offices or employees in the EU. It...more
5/3/2018
/ Breach Notification Rule ,
Cybersecurity ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information
The EU’s General Data Protection Regulation goes into effect on May 25, 2018. GDPR replaces the EU Data Protection Directive. GDPR can apply to US-based businesses even if they do not have offices or employees in the EU. It...more
6 Months To Go The EU’s General Data Protection Regulation goes into effect on May 25, 2018. GDPR replaces the EU Data Protection Directive. GDPR can apply to US-based businesses even if they do not have offices or employees...more
11/30/2017
/ Contract Amendments ,
Cyber Policies ,
Cybersecurity ,
Data Breach ,
Data Controller ,
Data Processors ,
Data Protection Officers (DPOs) ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Vendor Contacts ,
Written Agreements
7 Months To Go -
The EU’s General Data Protection Regulation goes into effect on May 25, 2018. GDPR replaces the EU Data Protection Directive. GDPR can apply to US-based businesses even if they do not have offices or...more
11/1/2017
/ Contract Amendments ,
Cyber Policies ,
Cybersecurity ,
Data Breach ,
Data Controller ,
Data Processors ,
Data Protection Officers (DPOs) ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Vendor Contacts ,
Written Agreements