New York Law Journal “The CLOUD Act is about to stir up a legal storm. The act was originally passed in March 2018 to ensure US law enforcement officials could obtain information from US-based communications providers even if that information is stored overseas. But the act has another, more controversial provision: […]
Rigorous Privacy and InfoSec Requirements May Be in Store for Companies That Accept Government Equity Stakes
Federal government agencies, government-controlled corporations and some government contractors must comply with robust federal laws that govern federal agencies’ privacy and information security practices – the Privacy Act and FISMA, respectively. Now, these laws may apply to companies that accept federal government aid under the Coronavirus Aid, Relief, and Economic […]
On March 11, 2020, the California Attorney General released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act. These modifications include important updates to the first round of modifications that were released on February 10, 2020. We have summarized the notable changes below.
European data protection authorities have issued important guidance on the processing of personal data in connection with COVID-19. At a pan-European level, on March 19, 2020, the European Data Protection Board issued a statement on the processing of personal data in the context of the COVID-19 outbreak.
The UK’s Information Commissioner’s Office has, over the course of this week, published various notes of advice and blog posts to organisations and data subjects in respect of the coronavirus (COVID-19) pandemic.
Companies are working hard to balance the privacy of their employees and the need to keep employees informed and safe. Many have encouraged employees and visitors to report if they experience COVID-19 symptoms or have otherwise been exposed to the virus through travel or their communities. They have collected this […]
FTC Increasingly Looks to Public Companies’ SEC Disclosures for Privacy and Cybersecurity Enforcement Opportunities
While the FTC does not make its initial privacy and cybersecurity investigations public, there have been reports that the FTC has initiated an increasing number of privacy and cybersecurity-related enforcement actions following disclosures of privacy or cybersecurity incidents by public companies in their SEC filings.
On February 7 and 10, 2020, the California Attorney General released modifications to the proposed regulations implementing the California Consumer Privacy Act. The modifications substantially revise the initial version of the proposed regulations released last October. Notable changes focus on the following topics: Definitions of “personal information” and other key […]
The United Kingdom left the European Union at 11:00 pm on January 31, 2020. However, the UK has entered into transitional arrangements with the EU under which the existing data protection frameworks established by the GDPR, including the EU-US Privacy Shield, will continue to apply until December 31, 2020 (the period until […]
Background The Court of Justice of the European Union Advocate General issued his much‑anticipated opinion in the case commonly known as “Schrems 2.0.” The AG’s opinion is not legally binding. However, it is likely to influence the CJEU’s decision in the case, which is expected to be handed down […]