State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
We are pleased to announce that several of the firm’s practice groups and attorneys were recognized in the 2024 edition of Chambers USA, a directory of leading law firms and attorneys. Chambers and Partners annually...more
The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), is investigating Microsoft over potential privacy concerns with its recently announced AI-powered “Recall” feature for Windows PCs. Microsoft...more
Maryland Governor Wes Moore signed the Maryland Online Data Privacy Act of 2024 (MODPA) into law on May 9, 2024. This new law establishes transparency, assessment, and consumer rights requirements for organizations that fall...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
Editor’s Note: During this webcast, industry leaders discussed using generative AI (GAI) in the legal and cybersecurity fields. The speakers, John Brewer, Anya Korolyov, Chris Wall, and Bernie Gabin, all experts in AI and...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
On February 28, 2024, President Biden issued Executive Order 14117 (the EO) on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” that would...more
With the onslaught of new privacy legislation and cyber threats coupled with upticks in enforcement, running a well-functioning and flexible privacy program is now, more than ever, a critical component of an organization’s...more
The California Privacy Protection Agency (CPPA) released initial draft regulations for cybersecurity audits (which have since been amended) and risk assessments late this summer. The agency’s board of directors addressed the...more
Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more
Managing a remote cybersecurity team at colleges and universities involves addressing a unique set of challenges to ensure the security of sensitive data and infrastructure. There is an additional overlay of potential...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
On May 10, the National Institute of Standards and Technology (NIST) released its initial public draft of SP 800-171, Revision 3, a set of updated guidelines aimed at helping organizations better handle confidential...more
Paul Hastings attended the 2023 Global Privacy Summit (GPS) hosted by the International Association of Privacy Professionals (IAPP). Privacy professionals from all over the world gathered in Washington, D.C. to learn about...more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
Over the years we have offered several recommendations to increase your protection against attacks and intrusions and harden your cybersecurity. In this final tip for 2022, we mention a novel, though somewhat radical,...more
The DE OFCCP Week in Review (WIR) is a simple, fast and direct summary of relevant happenings in the OFCCP regulatory environment, authored by experts John C. Fox, Candee Chambers and Cynthia L. Hackerott. In today’s edition,...more
Keypoint: A revised version of the American Data Privacy and Protection Act was formally introduced in the House and voted out of a subcommittee. As we previously reported, on June 3, 2022, a bipartisan and bicameral group...more
Keypoint: The chances for the United States to finally enact a federal privacy bill appear to have increased with the circulation of a bipartisan discussion draft although its chances for passage are far from clear....more
Providers of sports betting services must ensure that their cybersecurity protocols and data privacy policies adequately protect their systems and users. Since the Supreme Court struck down the federal ban on sports gambling...more
Six months have now passed since China's Personal Information Protection Law (PIPL) became effective on November 1, 2021. As noted below, Chinese authorities have recently stepped up enforcement actions relative to PIPL....more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
Based on China’s Cybersecurity Law (effective from June 1, 2017), the latest draft of Personal Information Protection Law and draft of Data Security Law, the new draft regulations would apply not only to automobile producers...more
Since the passage of the CCPA in 2018, there has been a flurry of proposed state laws aimed at regulating the areas of cybersecurity and data privacy in the absence of federal comprehensive legislation. Additionally, there...more
Blood pressure readings, menstrual cycles, and pregnancy status are among the types of sensitive personal data Facebook was caught collecting from third-party app developers without users' knowledge or permission. After a...more