State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots....more
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
Maryland will soon have some of the strictest data protection and privacy requirements in the nation after the Maryland Online Data Privacy Act of 2024 (MODPA) was signed into law by Gov. Wes Moore last week....more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Introduction - The General Data Protection Regulation (Regulation (EU) 2016/679) is the EU regulation which is directly applicable in all member states of the EU, including the Czech Republic, as of 25 May 2018. The new...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
Editor’s Note: During this webcast, industry leaders discussed using generative AI (GAI) in the legal and cybersecurity fields. The speakers, John Brewer, Anya Korolyov, Chris Wall, and Bernie Gabin, all experts in AI and...more
European Parliament Approves EU AI Act - On March 13, 2024, the European Parliament approved the EU Artificial Intelligence Act (“AI Act”). A first of its kind legal framework for AI, the AI Act has extraterritorial effect,...more
The PDPL has broad extraterritorial scope and substantial penalties for non-compliance, with full enforcement expected to start in September. The Personal Data Protection Law (PDPL) is the first comprehensive data...more
On February 28, 2024, the Biden administration announced new cybersecurity-related measures, including an executive order (EO) and advance notice of proposed rulemaking (ANPRM), intended to address the bulk flow of Americans’...more
On January 16, 2024, New Jersey became the first state to enact a comprehensive data privacy law in the new year, with Gov. Phil Murphy (D-NJ) signing the New Jersey Privacy Act (NJPA) (SB 332) into law. The New Jersey law...more
On January 18, 2024, New Hampshire’s State Legislature enacted the Expectation of Privacy Act (the “Act”). Following the Governor’s signature, the Act will take effect January 1, 2025. SCOPE - The Act defines...more
With the onslaught of new privacy legislation and cyber threats coupled with upticks in enforcement, running a well-functioning and flexible privacy program is now, more than ever, a critical component of an organization’s...more
The new Swiss Federal Act on Data Protection, known by the acronym “nFADP,” took effect on September 1. The law was enacted by the Swiss parliament in 2020. The law introduces new rights for Swiss citizens, but also...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
An estimated 82% of the data breaches that occurred in 2022 involved human error or intentional misconduct. That’s why organizations need to be diligent in protecting their data from both internal and external threats. One...more
Generative AI models access vast pools of information from a wide variety of sources, including information users add in prompts. This can include private or sensitive information, which may be used without consent and may be...more
Texas, long lauded as one of the most “business-friendly” states, has passed a comprehensive privacy law that will bring new regulations to consumer personal data. The new Texas Data Privacy and Security Act (“TDPSA”), H.B....more
SEC Proposes Significant Updates to Regulation S-P and Cyber Risk Management Rule for Market Entities - At an open meeting on March 15, 2023, the Securities and Exchange Commission (the “Commission) issued a release and...more
2022 saw significant regulatory developments in the field of privacy protection in Israel and throughout the world. These developments directly affect companies whose business activities in Israel and internationally involve...more
After the recent Court of Justice of the European Union decision on sensitive inferences that can be drawn from the name of your spouse, it is fair to ask: Is everything sensitive data (special category data)?...more
It has been a bustling fall for the California Privacy Protection Agency (CPPA or Agency). In the spirit of the upcoming holiday season, the Agency gifted us not one but two rounds of proposed modifications to the regulations...more
The California Privacy Rights Act will go into full effect on January 1. The CPRA is commonly referred to as a “new” act, but is actually an add-on/modification to the California Consumer Privacy Act of 2018, which has been...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
A data inventory is a detailed account of how a business processes personal data. While this is not an exhaustive list, a data inventory should contain information such as purpose of collecting the data, volume of individual...more