Data Processing Rules, Cybersecurity, General Data Protection Regulation (GDPR)

New EDPB Opinion on Personal Data Protection in AI

Barnea Jaffa Lande & Co. on 1/3/2025

Recently, the European Data Protection Board (EDPB) adopted an opinion addressing key data protection concerns arising from the use of Artificial Intelligence (AI) models. The opinion specifically focuses on how GDPR...more

La CNIL sanziona una software-house di videogiochi

Orrick, Herrington & Sutcliffe LLP on 2/16/2023

Alla luce del recente provvedimento dell’Autorità Garante per la Protezione dei Dati Personali Francese, la Commission nationale de l'informatique et des libertés (“Garante” o “CNIL”), riportiamo di seguito un’analisi del...more

U.S. messaging service fined €5.5 million for GDPR violations

Orrick, Herrington & Sutcliffe LLP on 1/25/2023

On January 19, the Irish Data Protection Commission (DPC) announced the conclusion of an inquiry into the data processing practices of a U.S.-based messaging service’s Ireland operations and fined the messaging service €5.5...more

Virginia Finalizes CDPA Text With the Addition of Three Amendment Bills

ArentFox Schiff on 5/19/2022

Connecticut Passes the Fifth US State Consumer Privacy Law - The Connecticut governor has formally signed and passed An Act Concerning Personal Data Privacy and Online Monitoring (CPDA), making this law the fifth US state...more

China Finalizes Data Security Law to Strengthen Regulation on Data Protection

Jones Day on 6/21/2021

On June 10, 2021, the Standing Committee of the 13th National People's Congress passed the long awaited People's Republic of China (China) Data Security Law ("DSL") after a final read of the third draft. The DSL, which takes...more

Hotels and GDPR

BCLP on 11/6/2019

We are now over a year on from the major changes made to the European data protection regime by the GDPR so it is time to revisit what the changes mean now for the hospitality sector and investment in it, given increased...more

Who Is Responsible Under GDPR For Putting A Data Processing Agreement In Place?

Fox Rothschild LLP on 9/19/2019

Who is responsible for putting a GDPR Article 28 Data Processing Agreement in place? Dutch Data Protection Authority, Autoreitpersoonsgegevens, says: BOTH the data controller and the data processor....more

NHS Digital Publishes Guidance for Health and Care Organisations Using Cloud Services and Data Offshoring

Pillsbury Winthrop Shaw Pittman LLP on 1/29/2018

NHS and social care organisations in the UK are being encouraged to take a fresh look at public cloud services given the myriad benefits of doing so. The guidance is timely given the coming into force of the GDPR in May,...more

Foreign No More: Transferring Data on Demand U.S. Companies and GDPR Data Portability

Bradley Arant Boult Cummings LLP on 10/17/2017

Much has been written about the consternation and concern of businesses around the world regarding the European Union’s General Data Protection Regulation (GDPR), which takes effect on May 25, 2018. The GDPR applies to...more

French Data Protection Authority Approves Implementation of Biometric Authentication Tools in Banking Sector

Jones Day on 6/16/2017

On May 29, 2017, the French Data Protection Authority (Commission Nationale Informatique et Libertés, or "CNIL") announced that it had authorized nine banking institutions to implement, on an experimental basis,...more

Data Processing Rules › Cybersecurity › General Data Protection Regulation (GDPR)

"My best business intelligence, in one easy email…"