On May 24, 2024, Minnesota Governor Tim Walz signed the Minnesota Consumer Data Privacy Act (MCDPA), which will go into effect on July 31, 2025.
The law applies to entities that within a calendar year: (1) control or...more
On March 22, 2024, the Cybersecurity Administration of China (CAC), issued the long-awaited new Regulations on Promoting and Regulating Cross-Border Data Flows (the New Regulations) for compliance with China's Personal...more
On March 6, New Hampshire Governor Chris Sununu signed Senate Bill 255 (SB 255) into law. New Hampshire joins California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, New Jersey, Oregon, Tennessee, Texas, Utah...more
For Cybersecurity Awareness Month, which is recognized every October, California Attorney General Rob Bonta provided consumers and businesses with tips to defend against cybersecurity threats....more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
7/20/2023
/ California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Securities and Exchange Commission (SEC)
The European Commission approved a new adequacy decision on the EU-US Data Privacy Framework on July 10, 2023. The European Commission issued a press release, stating that "[T]he decision concludes that the United States...more
On May 28, the Texas legislature passed the Texas Data Privacy and Security Act (TDPSA), also known as H.B. 4. The TDPSA was sent to Governor Greg Abbott on May 30. If signed into law, the TDPSA will take effect on July 1,...more
On April 21, Montana and Tennessee passed comprehensive bills in their respective state legislatures. Montana and Tennessee now join Indiana and Iowa this year to enact comprehensive state privacy laws....more
Iowa is now the sixth state in the U.S. to adopt a comprehensive privacy law that aims to give consumers more control over protecting their personal data.
Signed by Gov. Kim Reynolds (R) on Tuesday, Senate File 262 was...more
Ever-Expanding BIPA Damages: Illinois Supreme Court Holds Each Collection or Dissemination of Biometric Data Constitutes a Separate Violation of BIPA -
In an eagerly-awaited decision in Cothron v. White Castle System,...more
3/22/2023
/ Biden Administration ,
Biometric Information ,
California Privacy Protection Agency (CPPA) ,
China ,
Cross-Border ,
Data Collection ,
Data Privacy ,
EU ,
Financial Industry Regulatory Authority (FINRA) ,
IL Supreme Court ,
Online Safety for Children ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
Singapore
Welcome to the inaugural issue of Katten’s Privacy, Data and Cybersecurity Quick Bytes. Each month, Quick Bytes will highlight the latest news and legal developments involving privacy, data and cybersecurity issues across the...more
New DOL Rule Enables Consideration of ESG Factors in Investing, Plus the SEC Continues its ESG Enforcement Push in the Absence of Final SEC Rules -
On November 22, the US Department of Labor (DOL) announced a final rule...more
12/14/2022
/ Block Trades ,
Crypto Exchanges ,
Cryptoassets ,
Cybersecurity ,
Data Protection ,
Department of Labor (DOL) ,
Environmental Social & Governance (ESG) ,
Financial Industry Regulatory Authority (FINRA) ,
Investment Adviser ,
Personal Data ,
Private Investment Funds ,
Securities and Exchange Commission (SEC) ,
UK
Additional Requirements to Go Into Effect June 9, 2023 -
As we discussed in our March 3 Advisory, on October 27, 2021, the Federal Trade Commission (FTC) announced revisions (the 2021 Revisions) to its information...more
As you may recall from our previous advisory, "The European Commission Implements New Standard Contractual Clauses", existing data sharing contracts that include the old standard contractual clauses ("SCCs") will only remain...more
Under the EU General Data Protection Regulation (EU GDPR) and the UK Data Protection Act 2018 (UK GDPR) (together the GDPR), even if an organisation is not established in the European Economic Area (EEA) or United Kingdom it...more
11/30/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
UK
On 12 November 2020, the European Commission (Commission) published a draft Implementing Decision on standard contractual clauses for the transfer of personal data to third countries pursuant to the EU General Data Protection...more
The end of the Brexit transition period is upon us. As of 1 January 2021, the UK is a 'third country' under the EU General Data Protection Regulation (GDPR), though the transition period has been extended for up to six months...more
The Information Commissioner's Office (ICO) has issued a statement confirming that data protection will not stop the need for businesses to share information quickly, or adapt the way they work to face the unprecedented...more
3/27/2020
/ Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Subjects Rights ,
European Data Protection Board (EDPB) ,
Information Commissioner's Office (ICO) ,
New Guidance ,
Personal Data ,
Popular ,
Remote Working ,
UK ,
UK Data Protection Act