When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Navigating the stringent requirements of data subject access requests (DSARs) can feel like summitting a mountain—the path forward isn’t always clear, pitfalls abound, and you’re fighting gravity all the way....more
On 12 October the UK–U.S. “data bridge” becomes operational, providing an additional, compliant route for UK-outbound transfers of personal data to U.S. organisations that are EU-U.S. Data Privacy Framework members. UK...more
GDPR compliance can be tricky. Even if you summon the willpower to read through the law’s text, it can be tough to know where to start. As an alternative to pouring through the GDPR’s legalese, one way to establish a...more
This is Part Eight in a series of legal updates on the Washington My Health My Data Act (“WMHMDA”) where Quarles continues its deep dive into the various factors and intricacies of WMHMDA that are creating waves in the...more
To date, US non-profit organizations have enjoyed an exemption from the state omnibus privacy laws. That’s about to change. Unlike the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA),...more
On April 17, the Washington legislature passed the My Health My Data Act (MHMD Act), which includes some of the most restrictive provisions in any U.S. state privacy law....more
For the most part, businesses gather employee data without too much thought. Sure, some data is obviously private, like employee social security numbers, but other than that, businesses can pretty much do what they want with...more
We’re now approaching the five-year anniversary of the General Data Protection Regulation (GDPR) taking full effect. In the run-up to 2018 and the period afterwards, there were many predictions about the likely direction of...more
On February 24, 2023, the Cyberspace Administration of China ("CAC") released the final version of the Measures on the Standard Contract for the Cross-border Transfer of Personal Information ("SCCs Measures") along with the...more
With the use of Data Subject Access Requests (DSARs) becoming increasingly common, it is important that anyone dealing with personal data understands what a DSAR is, when it can be used, how an organisation should respond to...more
Data protection laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are a major cause for concern for organizations. While the biggest fines garner headlines, such as...more
This webinar is intended for eDiscovery professionals interested in the overlap between data privacy and eDiscovery capabilities, workflows and use cases. The tools to tackle the protection of personal data already exist...more
The “right of access” recognized by art.15 GDPR is one of the most fervently exercised rights by individuals. Nowadays, where companies tend to amass considerable amounts of information and carry out data processing...more
On January 28, 2022, the European Data Protection Board (“EDPB”) published draft regulatory guidelines (“draft guidance”) on the right of data subjects to have access to their personal data under the EU General Data...more
On July 7, 2021, Colorado Governor Jared Polis signed the Colorado Privacy Act (“CPA”) into law. The CPA will take effect on July 1, 2023 and joins the California Consumer Privacy Act (“CCPA”), the California Privacy Rights...more
NGE Corporate & Securities partner John Koenigsknecht recently interviewed Data Privacy & Information Governance partner David Wheeler about the new standard contractual clauses and the complex task of assessing and...more
There are many similarities between the Colorado Privacy Act (ColoPA), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data privacy Act (VCDPA), and Europe’s GDPR,...more
On 13 April 2021, the British Virgin Islands (“BVI” or “Virgin Islands”) became the latest jurisdiction to enact a comprehensive information privacy law when the territory published the Data Protection Act, 2021 (the “DPA...more
Corporate Social Responsibility (“CSR”) and Environmental, Social, and Governance (“ESG”) practices have increasingly become priorities for many organizations as they assess their obligations to their employees, customers,...more
Gerade für Juristen ist Begeisterung für und ein Verständnis von Branchen, Geschäftsmodellen und Technologien – gerade vor dem Hintergrund des Datenschutzrechts und des Gewerblichen Rechtsschutzes – unerlässlich und...more
When it comes to data privacy law, change is the only constant. The global pandemic unleashed a new set of risks related to data privacy that companies will have to confront in 2021. But despite the COVID chaos, data privacy...more
The California Consumer Privacy Act (CCPA)—the most comprehensive personal data privacy legislation anywhere in the United States so far—is officially being enforced. Is your website in compliance? Does it need to be? What...more
Parties in the US are allowed broad and liberal discovery of electronically stored information (ESI) relevant and proportional to the claims and defenses in a legal action. When a US-based litigant seeks ESI stored in other...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
Staying on top of what’s new in data privacy is tough. As Robert Bond, Partner and Notary Public at the UK-based law firm Bristows explains, over 100 countries have drafted or implemented new data privacy laws in 2019. To...more