Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
European Data Protection Board Publishes Strategy for 2024-27 - The European Data Protection Board (“EDPB” - the EU body tasked with promoting consistency and cooperation in enforcement of the GDPR) has outlined its...more
FTC Announces Proposed Settlement with Data Aggregator over its Alleged Selling of Precise Location Data - The Federal Trade Commission (“FTC”), on January 18, 2024, announced a proposed settlement with InMarket Media...more
NSA and CISA Release Report on “Top Ten” Cybersecurity Misconfigurations; CISA Calls for Software Manufacturers to Implement Best Practices - On October 5, 2023, the United States National Security Agency (NSA) and...more
UK-U.S. Data Bridge Approved - The UK has approved an extension to the EU-U.S. Data Privacy Framework (DPF) called the ‘UK-U.S. Data Bridge,’ which facilitates data flows from the UK to the U.S. From October 12, 2023...more
SEC Proposes Significant Updates to Regulation S-P and Cyber Risk Management Rule for Market Entities - At an open meeting on March 15, 2023, the Securities and Exchange Commission (the “Commission) issued a release and...more
Cybersecurity Alert: Silicon Valley Bank and Signature Bank Fallout - Undoubtedly, cyber criminals are out in full force with phishing links and other scams trying to capitalize on the disruption and panic that many...more
The Proposed EU-U.S. Data Privacy Framework Faces Potential Obstacles - On February 14, 2023, the European Parliament Committee on Civil Liberties, Justice and Home Affairs (the “EP Committee”) released a draft opinion...more
The European Data Protection Board (EDPB) has issued a long-awaited opinion on the EU-US Data Privacy Framework. Here are some key takeaways: The scope of the exemptions to the adherence to the principles, including on the...more
The United States is adequate, at least according to a draft opinion on the EU-U.S. Data Privacy Framework. Here is a look at what the opinion says, and what U.S. companies involved in EU-U.S. transfers should be doing now....more
SEC Division of Examinations Issues Risk Alert on Regulation S-ID and Identity Theft Prevention Programs - On December 5, 2022, the Securities and Exchange Commission (“SEC”) Division of Examinations (“EXAMS”) issued a...more
US and EU Life Sciences Law firms Fieldfisher & Gardner Law recently held a CLE event in Silicon Valley covering Healthcare Compliance, Data Privacy and Regulatory hot topics for MedTech and Pharma companies. Discussion...more
For some time now, dark patterns have been quite the trending topic for both marketers and privacy professionals. Regulators have frequently railed against dark patterns that purport to manipulate user choices, usually...more
Pelosi Statement Dims the Lights on ADPPA - The prospects for the nation’s first comprehensive data privacy law, the American Data Privacy and Protection Act (the “ADPPA” or the “Bill”), dimmed after House Speaker Nancy...more
California Privacy Protection Agency Releases Draft CPRA Regulations - The California Privacy Protection Agency (CPPA) just released proposed California Privacy Rights Act (CPRA) regulations. The regulations expand...more
Dark patterns have been a recent regulatory focus. The FTC issued an enforcement policy late last year, and the European Data Protection Board followed suit with guidelines this spring. The two have slightly different takes...more
FTC Warns Companies to Remediate Log4j Security Vulnerability - Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more
Best Practices for the Virginia Consumer Data Protection Act - The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more
In this month’s edition of our Privacy & Cybersecurity Update, we examine cybersecurity guidance issued by New York state, and the Cybersecurity and Infrastructure Security Agency’s new “Bad Practices” website outlining what...more
California Can Enforce Net Neutrality Law After Court Victory - California’s net neutrality law bars internet service providers from prioritizing, blocking, slowing down, or speeding up internet content. California’s law...more
Arnall Golden Gregory LLP is pleased to provide you with the Compliance News Flash, which includes current news briefs relevant to background screening, immigration and data privacy, for the benefit and interest of our...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
The COVID-19 pandemic has had a disparate effect on privacy regulators, with varying levels of enforcement advocated by different government entities; the California Attorney General, the U.S. Department of Health & Human...more
In this month's edition of our Privacy & Cybersecurity Update, we examine comments from the California attorney general's office regarding the start date for enforcement of the California Consumer Privacy Act in light of...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more
Enforcement is increasing under the EU US Privacy Shield Framework for cross border transfer of personal data. A report published by European regulator, the European Data Protection Board (EDPB), lists enforcement initiatives...more