No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Life With GDPR - Data Transfer Update
Life with GDPR - Data Transfers from EU/UK to US
Everything Compliance - The Elon Etc Edition
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
The Federal Trade Commission recently settled complaints against two data brokers over their handling of consumers’ sensitive location information. The agency alleged that such practices constitute unfair practices. Under the...more
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) has issued a €290 million fine to Uber for violating the EU’s General Data Protection Regulation (GDPR)....more
A data controller that is not a critical information infrastructure operator that cumulatively exports personal information (excluding any sensitive personal information) of less than 100,000 individuals since January 1 of...more
Chinese authorities issued new regulations and guidance governing cross-border transfers of data and personal information, which will significantly reduce procedural and compliance burdens for many multinationals....more
After a seven-year wait, the Bermuda Government has announced that the remaining sections of the Personal Information Protection Act 2016 (PIPA) will come into full force on 1 January 2025. To date, only limited sections of...more
As of this morning, several US federal agencies and the personal information of 3.5 million Oregon and Louisiana residents has been compromised in a cyberattack affecting companies and government agencies across the globe...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
The Cybersecurity Law ("CSL"), Personal Information Protection Law ("PIPL"), and Data Security Law ("DSL") of the People's Republic of China (the "PRC") introduced a security assessment of the outbound transfer of important...more
Do you use Google Analytics? Do you tell consumers that you do not sell personal information? If you answered yes to both of those questions, then this alert is for you! The California attorney general recently took the...more
Keypoint: Businesses subject to the CCPA will need to revise their compliance programs before the exemptions expire on January 1, 2023. As previously reported, the California legislature had been considering multiple bills...more
On July 7, 2022, the Cyberspace Administration of China (“CAC”) released the Security Assessment Measures of Cross-border Data Transfer ( the “Measures”) which will be effective from September 1, 2022. Previously on October...more
In light of the “changed security policy situation” following Russia’s invasion of Ukraine, the Norwegian data protection regulator recently encouraged any company that exports personal data to Russia and Ukraine to review...more
The Chinese agency charged with implementing and enforcing the new Personal Information Protection Law has issued draft measures for cross-border data transfers. Comments are due by November 28. As we detailed previously, the...more
The Cyberspace Administration of China (“CAC”) on October 29, 2021 published the draft Measures on Security Assessment of Cross-Border Data Transfer (“Draft Measures”) for comment through November 28, 2021. The Draft Measures...more
Listen to our digital planning podcast and learn about all things “digital” as to estate planning, business planning, and estate administration. Your hosts — attorneys Jennifer Zegel, Ross Bruch, and Justin Brown — will guide...more
Keypoint: China’s Personal Information Protection Law is a complicated regulatory regime that will require U.S. entities subject to its requirements to undertake substantial compliance efforts. Effective November 1, 2021,...more
The law will take effect on November 1, 2021 giving companies under two months to ensure their privacy policies and systems comply. On August 20, the Standing Committee of the 13th National People’s Congress of China...more
China is continuing to move forward with its first comprehensive privacy law. China recently issued a second version of the draft Personal Information Protection Law (Draft PIPL) which will be open for public comments until...more
One of the methods US and EU companies rely on most frequently for the transfer of personal data from the EU to the US are standard contractual clauses. For the method to be acceptable as a valid basis for transfer of...more
The privacy law landscape is constantly changing, and it can feel like a daunting task for businesses to keep up with the laws of 50 states in the U.S. plus any international laws that also may be applicable. 2020 seems to be...more
Key Point: California AG Becerra’s investigation into security flaws in the Glow fertility app results in a settlement agreement that resembles recent enforcement agreements in New York but is also unique in requiring the...more
After undergoing several rounds of revisions to the 2019 draft specifications, the new Information Security Technology-Personal Information Security Specifications (GB/T35273-2020) (New Personal Information Specifications)...more
Nelson Mullins and KPMG Hungary are excited to present a webinar on the dangers involved in transfers of personal information from the European Union to the U.S. following the recent Schrems court decision. Partner Roy Wyman...more