On August 16, 2024, the U.S. Court of Appeals for the Ninth Circuit issued an opinion partially upholding—and partially vacating—the District Court for the Northern District of California’s preliminary injunction preventing...more
The stakes are high for FemTech – as Benjamin Franklin noted: ‘it takes many good deeds to build a good reputation and only one bad one to lose it.’...more
Minnesota has become the 18th state to enact a comprehensive consumer privacy law. On May 24, Gov. Tim Walz (D) signed the Minnesota Consumer Data Privacy Act into law to provide privacy rights to Minnesotans and to impose...more
On May 9, the Governor of Maryland approved SB 571 (the “Act) to provide consumer online protections for children. The Act will afford protections from online products aimed at children or that are likely accessed by...more
On May 9, Maryland became the second state to enact an (AADC), the Maryland Kids Code, alongside the Maryland Online Data Privacy Act (MODPA) — Maryland’s first comprehensive data privacy bill. Maryland’s AADC follows...more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Last month, Nebraska passed the Nebraska Data Privacy Act (NDPA), making it the latest state to enact comprehensive privacy legislation. Nebraska joins California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana,...more
Kentucky - On April 4, 2024, Kentucky joined the growing number of states to enact data privacy legislation, becoming the third state to do so in 2024 and the fifteenth state overall at the time of enactment....more
The GDPR contains plenty of requirements, penalties, obligations, rights, and definitions—but it doesn’t contain a specific template for DPIAs, or data protection impact assessments. If you’re struggling to identify...more
يُعد نظام حماية البيانات الشخصية (النظام) أول نظام شامل لحماية البيانات في المملكة العربية السعودية. من المتوقع أن تبدأ الهيئة السعودية للبيانات والذكاء الاصطناعي (الهيئة) في الإنفاذ الكامل للنظام اعتبارًا من 14 سبتمبر 2024،...more
As employment-related artificial intelligence (“AI”) tools proliferate, multinational employers feel increasing pressure to deploy AI across their global offices. These tools can provide great value and efficiency across the...more
On 3 October 2023, the UK’s Information Commissioner’s Office (ICO) published new guidance on workplace monitoring. The previous guidance was issued in 2011, as part of the ICO’s Employment Practices Code, and was badly in...more
On 18 August 2023, the UK’s Information Commissioner’s Office (“ICO”) published draft guidance on biometric recognition (the “Draft Guidance”) for public consultation. The Draft Guidance explains how data protection law...more
The protection of children's online privacy has emerged as one of the most important data privacy issues in the United States. With the existing U.S. framework for protecting children's online privacy widely criticized as...more
Texas Governor Greg Abbott signed into law the Texas Data Privacy and Security Act (TDPSA) on June 18, 2023. With the passage of TDPSA, Texas becomes the tenth state to adopt a consumer data privacy law. TDPSA passed the...more
Much like the beginning of 2023, when two new state data privacy acts went into effect, the midpoint of 2023 will feature two more state data privacy acts coming onto the books. On July 1, 2023, the Colorado Privacy Act...more
It has been an active legislative season, with numerous states advancing new data privacy laws. In May, Indiana, Montana, and Tennessee joined Iowa in adopting new privacy laws, while the legislature in Texas sent an omnibus...more
Since 1998, the Children’s Online Protection Act (COPPA) has governed how websites directed to children in the United States must approach data privacy for individuals under age 13. COPPA focuses mostly on the collection,...more
Organisations should expect increased scrutiny and enforcement activity around the role of data protection officers in the coming year. The European Data Protection Board (EDPB) has announced that its coordinated...more
On March 8, 2023, the Data Protection and Digital Information (No. 2) Bill was introduced to the UK Parliament by the Department for Science, Innovation and Technology (DSIT). If enacted, the Bill will make changes to the UK...more
The collection of personal data by organizations in the sports industry creates unique data privacy challenges. Generally, a business-to-consumer organization is focused on the personal data of its customers and separately...more
In his State of the Union address on February 7, 2023, President Biden affirmed his position on consumer data privacy protections and specifically his focus on strengthening protections for children. With several state data...more
The UK government has recently published proposals to amend UK data protection legislation with moves towards divergence from EU rules and regulation following the UK’s decision to leave the EU (“Brexit”). The Data Protection...more
Singapore Personal Data Protection Commission (PDPC) has published a guide on data protection in the blockchain. Some key points: Permissionless blockchain: •Any personal data published in-clear is a form of public...more
On 24 January and 8 April 2022, the procedure before the French Data Protection Authority (CNIL) was reformed with the aim notably to better respond to the growing number of complaints that the CNIL receives each year...more