The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
Embracing Data Privacy to Drive Business Growth: On Record PR
Unauthorized Access Returns With "Get to Know Joe" — Unauthorized Access Podcast
Brazil's AI Legislation
Episode 293 -- Catching Up with California and Other State Privacy Laws
Website Privacy Litigation
Recent Developments in California Privacy Laws - The Consumer Finance Podcast
State AG Pulse | The Laboratories of Democracy
State AG Pulse | Vermont: Small Is Mighty
Privacy, Blockchain and Compliance
[Podcast] State Privacy Laws and Federal Government Contractors
Digital Planning Podcast Episode: Understanding Biometrics and the Impact on Estate Planning
An Expert View on the Critical Data Privacy Issues for 2023 and Beyond
ESG, Cyber Risk and Compliance
Data Privacy Unlocked, A Conversation with Texas Representative Giovanni Capriglione
March Monthly Minute | Preparing for U.S. State Privacy Laws in 2023
On September 15, the EU Commission published a proposal for a Cyber Resilience Act (Proposed CRA), which builds on the 2020 EU Cybersecurity Strategy and the 2020 EU Security Union Strategy, with the aim of ensuring the...more
On June 4, 2021, the European Commission adopted a new, highly anticipated set of standard contractual clauses to facilitate the transfer of personal data out of the European Economic Area (“EEA”) in accordance with the...more
The United Kingdom has been busy in the past couple of weeks starting to chart its independent course on data protection and privacy matters. We should keep in mind, however, that some of the more dramatic announcements...more
The United Kingdom’s Information Commissioner’s Office (ICO) finalized a new Code of Practice (the Code) in September 2020, which applies to most companies that offer online services to or otherwise collect personal data from...more
Potential amendments to the PDPO would impose much stricter controls on organisations that process personal data of individuals located in Hong Kong. Key Points: ..On 20 January 2020 the Legislative Council debated...more
In May of 2018, the European Union enacted the General Data Protection Rules, or GDPR, a legal framework that outlines not only how companies may collect and process personal information of EU residents, but how that data is...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
Why does this topic matter to organisations? Whereas the remedies and sanctions available to DPAs under the Directive were comparatively low (generally subject to a maximum of less than €1 million per infringement, with...more
Implications of the EU’s GDPR on Employment Contracts - New Legislation Enacted - The EU’s General Data Protection Regulation (GDPR) 2016/679, of April 27, 2016, entered into force on May 25, 2018....more
As explained in Part I and Part II of this series, U.S.-based commercial litigators should be aware that other countries’ privacy laws may affect their cases in unexpected ways. Perhaps the most likely stage for these issues...more
On July 8, 2016, the European Union (“EU”) member states voted in support of the Privacy Shield through the Article 31 Committee, which is composed of representatives of the 28 member states. The Privacy Shield would replace...more
Directive 95/46/EC of 24 October 1995 - Articles 25 and 26 - The transfer of personal data to a third country is allowed: ..if the third country ensures an adequate level of protection; the Commission can...more
On 11 September, TeliaSonera and Telenor have abandoned the proposed merger of their business units in Denmark. The contemplated transaction would have resulted in the establishment of a joint venture active in the provision...more
In the weeks since the October 6, 2015, Court of Justice of the European Union decision (“CJEU Decision”) that invalidated the EU-U.S. Safe Harbor framework, companies have been faced with the quandary of establishing legal...more
Last week, the Vienna Higher Regional Court ruled that most of Max Schrems’ claims against Facebook can proceed, including his claim that Facebook improperly allowed his personal information to be shared with the National...more
The shockwaves continue from the October 6, 2015 ruling of the Court of Justice of the European Union (CJEU), the European Union’s highest court, invalidating the U.S.-EU “Safe Harbor” data transfer regime in a controversy...more
Whom to suspend during any Foreign Corrupt Practices Act (FCPA) investigation is always a delicate question to answer. Unfortunately there is never an easy answer. As the Volkswagen (VW) emission-testing scandal continues to...more
The European Court of Justice has declared invalid the Safe Harbor data-transfer agreement that has governed EU data flows across the Atlantic for the last 15 years. Thousands of U.S. companies have relied on the Safe Harbor...more
A lot has happened since the European Court of Justice’s declaration that the EU-US safe harbor framework is invalid. First, the Article 29 Working Party, an organization comprised of representatives from each data...more
For the past 15 years, the EU-U.S. Safe Harbor Framework has been one of the most popular data transfer mechanisms for organizations that engage in cross-border transfers of EU personal data to the United States. In the...more
The central European countries of Slovakia and Hungary are divided by a common 420-mile-long border. But that dividing line, and other European national borders, may now be a little more blurred due to a key ruling by the...more
The European Court of Justice’s (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
The European Court of Justice's (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
Today, I wrap up my series on why I think compliance is at the Tipping Point. However as it is a Friday in October, I continue my tribute to the Man in the Shadows, producer Val Lewton, whose films for RKO had some of the...more