Womble Bond Dickinson’s content series—Innovation Interchange: The Power of Cross-Industry Insight—explores emerging challenges from the viewpoint of trendsetting industries. ...more
As the Paris 2024 Summer Olympic and Paralympic Games (the “Games”) turn onto the final straight, the Games have yet again captured widespread global attention, on and off the track. With over 15.3 million visitors in Paris...more
When the regulator has decided to investigate your organisation following a data breach, the remit for the investigation will be wide-ranging and go beyond the narrow circumstances of the breach. Recent decisions shed useful...more
In this part of our briefing series, we cover how prior regulatory enforcement action affects the assessment of sanctions and some pitfalls associated with undertaking internal security audits. Who is this relevant for?...more
What insights into cyber security norms can organisations glean from the UK ICO’s recent enforcement decisions, most of which have been released since the GDPR came into force? Final fines are still awaited on the UK’s...more
The United States has always had privacy law. For most of our history it mainly regulated the government in connection with its citizens. About 20 years ago we started modern privacy - presumably why we have Data Privacy...more
Maybe. Hashing refers to the process of using an algorithm to transform data of any size into a unique fixed sized output (e.g., combination of numbers). ...more
January 14, 2020, the Board of Regents formally adopted Part 121 to the Commissioner’s Regulations to implement Education Law § 2-d. The regulation will become effective January 29, 2020. This regulation primarily addresses...more
As you fired-up your computer after last week’s New Year holiday, your inbox was likely filled with emails about updated privacy policies. You may remember receiving a similar wave of emails in May 2018....more
On August 6, 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released ISO/IEC 27701 (ISO 27701), a privacy extension to ISO/IEC 27001 and ISO/IEC 27002...more
Connected devices, or what is referred to as the “consumer internet of things” is big business right now. Consumers want to “talk” to their devices throughout their home wherever they are, and some organizations’ business...more
Information is one of your company’s most valuable assets. Now more than ever before, it is critical to remain vigilant to protect against today’s latest cybersecurity threats and to comply with increasingly expansive privacy...more
No one knows for sure how many "things" are connected to the Internet, but the Federal Trade Commission reported last year that it was more than 8 billion, and that it would exceed 20 billion by the end of 2020! Astonishing...more
As massive data breaches continue to make headlines, companies of all sizes are focusing their efforts on information security. But before an organization can put security policies and procedures in place, they need a...more
Companies that do business in California know that it is a magnet for class action litigation. The California Consumer Privacy Act ("CCPA"), a new privacy law that applies to data collected about California residents, will...more
The FTC and many state attorneys general aggressively monitor apps, websites, and internet-connected products for COPPA compliance. In the United States, collecting data directly from children under 13 years of age is...more
The CNIL decision handed down on 21 January 2019, which cites violations of several GDPR obligations, provides important insights for groups wishing to benefit from the “one-stop-shop mechanism”. The Complaints - Not...more
One of the most publicized provisions of the European General Data Protection Regulation (“GDPR”) was the requirement that certain companies had to appoint a Data Protection Officer (“DPO”). The concept of a DPO was not new....more
On November 30th, Marriott announced that a guest reservation database on the Starwood side of its business had been breached. Initial reports indicated that upwards of 500 million individuals were affected. The stolen data...more
The European Union's General Data Protection Regulation (GDPR) is the most comprehensive data privacy regulation in the world. It also confers upon supervisory authorities – i.e., regulators within the European Union Member...more
Regulating the Internet of Things (“IoT”) is a highly debated topic because it is hard for lawmakers to keep up with evolving technology. Simply put, IoT refers to a system of connected devices that can retain, analyze, and...more
The state of California recently passed privacy legislation that imposes stringent requirements on organizations that collect personal information from California residents. The California Consumer Privacy Act of 2018 (CCPA)...more
In a surprising twist, the California legislature rushed last week to pass one of the most comprehensive privacy laws in the country. The bill was introduced only a week prior, and within hours of passage, it was signed into...more
On June 28, 2018, California passed a sweeping new privacy bill, AB 375, now known as the California Consumer Privacy Act of 2018 (CCPA). The California legislature passed the bill in the morning and the governor signed...more
“GDPR – please not again …” In recent times there is hardly any other legal topic more often written and talked about than the new EU General Data Protection Regulation (“GDPR”). In light of the severe penalties and with...more