Compliance Perspectives: Rolling Out New Compliance Initiatives
On April 11, the Department of Justice's National Security Division (NSD) published new guidance on recent measures to restrict the ability of adversarial foreign governments and other foreign entities of concern to access...more
On January 8, 2025, the U.S. Department of Justice (“DOJ”) issued its final rule to implement Executive Order 14117 aimed at preventing access to Americans' bulk sensitive personal data and government-related data by...more
In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
This year has proven to be a turning point in the U.S. data protection law landscape with California’s amended data protection law coming into effect and Colorado’s, Connecticut’s, and Virginia’s data protection laws joining...more
A California court has held that the regulations the California Privacy Protection Agency adopted in March 2023 may not be enforced until March 2024. On June 30, 2023, a day before the California Consumer Privacy Act...more
In an unexpected turn of events, a California court postponed enforcement of the new California Consumer Privacy Act (CCPA) regulations until March 29, 2024. The court’s final decision came at the eleventh hour on June 30,...more
The new laws introduce novel applicability thresholds and other requirements that businesses should consider when preparing for compliance with US state privacy laws, including those coming into effect from 2023 onwards....more
On April 27, 2023, the Washington state governor signed into law the My Health My Data Act, also known as the MHMDA. The majority of the law’s provisions will take effect on March 31, 2024, providing companies with one...more
On Friday, April 21, the Montana and Tennessee state legislatures approved comprehensive privacy law proposals. In Montana, the state senate passed an amended version of the Montana Consumer Data Privacy Act (SB 384) in a...more
On January 1, 2023, the California Privacy Rights Act of 2020, which amended the existing California Consumer Privacy Act (collectively, the “CPRA”) and Virginia’s Consumer Data Protection Act (“VCDPA”) went into effect....more
As the calendar turns to a new year, the United States data protection law will also make a turn towards more states implementing and enforcing new data protection laws impacting a business’s collection, use, and disclosure...more
Beginning in January 2023, covered businesses in Virginia will have new compliance obligations under the Virginia Consumer Data Protection Act (CDPA) in response to the new privacy rights granted to residents of the...more
The compliance date for the California Privacy Rights Act (CPRA) is January 1, 2023. There are significant changes from the current law, the California Consumer Privacy Act (CCPA), including the following...more
In 2023, a number of state data protection laws will be coming into effect and a number of entities who previously were not subject to data security and data privacy obligations will soon be within the scope of these laws....more
In May 2017, the world of data privacy was irreparably changed when four members of the Chinese military hacked into credit-reporting company Equifax, exposing the personal information of nearly 150 million Americans. The...more