Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
In honour of the International Association of Privacy Professionals (IAPP) London 2025 conference , we hosted a webinar on European privacy litigation. This post summarises some of the key UK privacy cases we covered in that...more
On April 8, the National Security Division of the U.S. Department of Justice’s (DOJ) new rule on cross-border data transfers takes effect. It restricts U.S. businesses from transferring certain bulk sensitive personal data to...more
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more
The old saying goes, “Don’t mess with Texas.” The same can be said of the Texas Privacy Act. The Texas Department of Information Resources recently issued an implementation status for the act....more
The New Jersey Data Protection Act (NJDPA), N.J. Stat. § 56:8-166.4 et seq., will go into effect on January 15, 2025, as New Jersey joins eighteen other states with comprehensive data privacy laws. ...more
In 2018, there were two comprehensive state data privacy bills introduced across the United States and a whopping zero were in effect. Fast forward six years and there have been 41 new data privacy bills considered this year...more
Four years after the Brazilian General Data Protection Law (LGPD) came into force, Brazil’s Superior Court of Justice (STJ) recently issued a list of precedents exploring how the court applied the law and addressed the...more
Las compañías que hacen negocios en México deben revisar las políticas y prácticas pertinentes para asegurarse de que se alinean al marco integral de privacidad de datos del país. Específicamente, querrá evaluar sus avisos de...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more
On July 1, 2024, a new wave of state consumer privacy laws will go into effect in Florida, Oregon, and Texas, ushering in additional obligations for companies. This wave of new laws will be closely followed by a Montana...more
Prior to the legislature closing on May 8, Colorado lawmakers passed SB 41, which amends the Colorado Privacy Act (CPA) to add protections for children’s data privacy. If signed into law by Colorado Governor Jared Polis, it...more
Introduction - Below is a brief outline of the legal regulation of personal protection in Ukraine. Governing Data Protection Legislation - 2.1. Overview of principal legislation - The main legal act governing...more
Maryland will soon have some of the strictest data protection and privacy requirements in the nation after the Maryland Online Data Privacy Act of 2024 (MODPA) was signed into law by Gov. Wes Moore last week....more
The early weeks of 2024 have seen continued activity on the state comprehensive privacy law front. Since our last update, at least 11 new comprehensive privacy bills have been proposed. In particular, Georgia, Hawaii,...more
New Jersey has now joined the growing number of states that have enacted comprehensive online privacy protections for certain consumers and that have imposed requirements on companies collecting and processing consumer data...more
Colorado’s new comprehensive consumer privacy law, the Colorado Privacy Act (CPA), will take effect on July 1, 2023. Earlier this year, the Colorado Attorney General’s Office (“AG”) finalized its yearlong rulemaking process,...more
On May 11, 2023, Governor Bill Lee signed the Tennessee Information Protection Act (TIPA) into law. Tennessee now joins the rapidly increasing group of states, California, Utah, Colorado, Connecticut, Virginia, Iowa and...more
On May 19, 2023, Montana Governor Greg Gianforte signed into law Senate Bill 384 ("Montana Consumer Data Privacy Act"), Montana's new state consumer privacy law, which will become effective October 1, 2024. Montana now joins...more
As we move into the summer months, state comprehensive privacy law developments continue to steadily emerge. Most notably, in the weeks since our last update, the Texas legislature passed the Texas Data Privacy and Security...more
This month, Indiana, Montana and Tennessee passed comprehensive privacy laws. Each tracks closely the comprehensive privacy laws outside of California, but with some variations. None applies to employee data or has a private...more
The Tennessee governor has signed Tennessee’s comprehensive privacy law, which as we have indicated will go into effect July 1, 2025. As initially proposed, the law would have been effective July 1, 2024, and would have...more
Tennessee has joined the growing number of states that have enacted comprehensive data privacy laws. On the final day of this year’s legislative session, the Tennessee legislature passed the Tennessee Information Protection...more
Amendments to British Columbia’s Freedom of Information and Protection of Privacy Act (FIPPA) taking effect on February 1, 2023, will impose more stringent privacy requirements on provincial public bodies, such as hospitals,...more
Noting the extraterritorial approach adopted by the Law No. 27 of 2022 on Personal Data Protection (“PDP Law”), the enactment of the PDP Law will not only affect the way Indonesian businesses navigate the personal data...more