Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
The European Data Protection Board issued draft guidelines last month that outline when processing can be considered done for “legitimate interest.” The public has until November 20 to provide comments to the draft....more
When it comes to website privacy compliance, cookies have consistently presented the most fraught issues for U.S. businesses. This is especially true for those businesses that find themselves in a sometimes new or often...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
Since 2018, a consistent stream of newly adopted privacy laws and other regulatory developments (such as GDPR, CCPA, Schrems II, and the new EU Standard Contractual Clauses) has required companies to make regular updates to...more
Best Practices for the Virginia Consumer Data Protection Act - The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more
As access to COVID-19 vaccines becomes more prevalent, and we begin to conceptualize what a post-pandemic world might look like, many governments are assessing the idea of a COVID-19 vaccine passport framework. In late...more
In honor of Data Privacy Day, we provide the following “Top 10 for 2021.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2021...more
United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more
One of the methods US and EU companies rely on most frequently for the transfer of personal data from the EU to the US are standard contractual clauses. For the method to be acceptable as a valid basis for transfer of...more
News sources reported this month that the Irish data protection authority (DPA) had sent Facebook a preliminary order that would prohibit the transfer of information about European Union (EU) residents to US Facebook users....more
On 16 July, 2020 the European Court of Justice (“CJEU”) published its decision invalidating the EU-U.S. Privacy Shield and setting out enhanced requirements for using the so-called Standard Contractual Clauses for Processors...more
The COVID-19 pandemic has had a disparate effect on privacy regulators, with varying levels of enforcement advocated by different government entities; the California Attorney General, the U.S. Department of Health & Human...more
Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume...more
Anonymisation has always been (and still is) a real challenge for those carrying out clinical research. To shed some light on this matter, the Medical Research Council (MCR) – which is part of UK Research and Innovation – has...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more