Rethinking Records Retention
A Less is More Strategy for Data Risk Mitigation
Data Retention and Document Holds
Healthcare Document Retention
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
Spring Cleaning for Legal Teams: The Cloud and Defensible Deletion of Data
M365 in 5 – Part 7: Teams Audio/Video (A/V) Conferencing
M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspace
M365 in 5 – Part 5: Teams Chats – Modern communications
M365 in 5 – Part 4: Teams – An introduction to collaboration
M365 in 5 – Part 3: OneDrive for Business – Protected personal collaboration
M365 in 5 – Part 2: SharePoint Online – The new file-share environment
M365 in 5 – Part 1: Exchange Online – Not just a mailbox
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
Sitting with the C-Suite: Trial Teams – Narrowing Data through Centric Search
Sitting with the C-Suite: Normalizing Business Practices through Litigation Data
Compliance Perspectives: Regulatory Conflicts in Data Privacy Laws
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
[WEBINAR] Public Records Act - Taming the Email Tiger
E14: The Three Pillars of GDPR
With the Minnesota Consumer Privacy Act (MCPA), which takes effect July 31, 2025, Minnesota now joins the many other states, like California, that have passed laws granting enhanced data privacy rights to individuals. ...more
The European Data Protection Board recently published its draft Guidelines 02/2025, which remain open to consultation until 09 June 2025. Stakeholders in the blockchain industry are encouraged to submit any observations...more
New Jersey recently released draft privacy regulations, and there is a lot to unpack and process. In this three-part series, I will break down the regulations - Part 1: The New Personal data: • Scraping is carved...more
On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more
On January 03, 2025, the government released the much awaited draft Digital Personal Data Protection Rules, 2025, (Draft Rules / Rules) for public consultation and invited stakeholder feedback by February 18, 2025 (access the...more
On January 16, 2025, the Federal Trade Commission (FTC) finalized amendments to the Children’s Online Privacy Protection Act (COPPA) Rule (Final Rule), which completes the process that started back in 2019 when the FTC sought...more
On January 3, 2025, India’s Ministry of Electronics and Information Technology ("MeitY") released the Draft Digital Personal Data Protection Rules, 2025 ("Draft Rules") for public comment. The primary aim of these Draft Rules...more
As of January 1, 2025, the Israeli Privacy Protection Regulations (Instructions for data being transferred to Israel from the European Economic Area) will also apply to data being stored or processed in Israel or in other...more
The Federal Trade Commission (FTC) announced two significant enforcement actions last week – one against data broker Mobilewalla, Inc. and the other against data analytics provider Gravy Analytics, Inc. (and its subsidiary...more
With the publication of a recent Notice of Proposed Rulemaking (NPRM), the Department of Justice National Security Division will soon become an important new regulator of transactions involving the transfer of sensitive U.S....more
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
The Italian Data Protection Authority has adopted an updated version of a guideline document on email retention that it originally issued in December 2023, but which had been suspended....more
Introduction - Below is a brief outline of the legal regulation of personal protection in Ukraine. Governing Data Protection Legislation - 2.1. Overview of principal legislation - The main legal act governing...more
Introduction - The General Data Protection Regulation (Regulation (EU) 2016/679) is the EU regulation which is directly applicable in all member states of the EU, including the Czech Republic, as of 25 May 2018. The new...more
Introduction - As a federal state with law-making powers shared between federal and provincial/territorial governments, Canada has both federal and provincial/territorial privacy laws that govern the private and public...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
Kentucky - On April 4, 2024, Kentucky joined the growing number of states to enact data privacy legislation, becoming the third state to do so in 2024 and the fifteenth state overall at the time of enactment....more
On February 1, 2024, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement with that would require Blackbaud Inc. (“Blackbaud”) to delete personal data it does not need to retain and upgrade...more
On December 20, 2023, the Federal Trade Commission (FTC) published its Notice of Proposed Rulemaking to update the Children's Online Privacy Protection Act (COPPA), the latest step in a process that started in 2019 with an...more
In joined Cases C‑26/22 and C‑64/22, related to the German Credit Reference Agency Schufa (see A&O blog on the automated decision making case), the CJEU considered the retention of personal data regarding individuals who had...more
On September 12, 2023, Delaware became the 13th state to adopt a consumer data privacy act, joining Florida, another state to recently adopt consumer privacy laws, and others in providing resident consumers with rights...more
On 4 May 2023, the European Court of Justice (CJEU) delivered its highly anticipated judgement in Österreichische Post (Case C-300/21) on a crucial issue: the extent to which data subjects affected by a breach of the GDPR...more
Last month, I reported on five new privacy laws going into effect in 2023. Well, now we can add one more to the list of US state privacy laws on the books. The recent passage of Iowa's data privacy law is a significant...more
2023 may be the year of privacy laws. Five states have new laws that go into effect this year, which will likely usher in a new era of consumer privacy protections in the United States....more
The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU and UK standards. To...more