FTC Commissioners Ponder Future of Section 13(b) and Alternative Enforcement Mechanisms

Nearly a year after the Supreme Court stripped the FTC of its ability to obtain equitable monetary relief under Section 13(b) of the Federal Trade Commission Act (FTCA) in AMG Capital Management LLC v. FTC, the Commission convened an open meeting to discuss the impact of this decision on their activities, […]

Part 3: PIPL’s Localization Requirements and Restrictions on Responding to Foreign Judicial and Enforcement Agencies

Localization requirements China’s Personal Information Protection Law (PIPL) requires that operators of critical information infrastructure (e.g., China Mobile) and personal information processors that process personal information in an amount that reaches “the threshold specified by” the Cyberspace Administration of China (CAC) store personal information collected and generated in China locally.[1] […]

Part 2: PIPL and GDPR Compliance Obligations on Cross-Border Transfers of Personal Information

As explained in our previous blog post, in addition to the requirements for adopting a cross-border transfer mechanism, China’s Personal Information Protection Law (PIPL) and the European Union’s General Data Protection Regulation (GDPR) set out further compliance obligations on the cross-border transfer of personal information.[1] Before controllers (under the GDPR) […]

Cross-Border Data Transfers: PIPL vs. GDPR vs. CCPA

Multinational companies often encounter questions regarding if and when they can transfer personal information[1] across borders. The People’s Republic of China’s Personal Information Protection Law (PIPL) adds new considerations for these inquiries[2], such as: Can employers in the China store their Chinese employees’ personal information on databases hosted in foreign […]

Cooley Privacy Talks: European Data Transfers: Where Do We Stand Now?

This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA) – and all the other new data protection frameworks arising in […]

New UK International Data Transfer Tools in Force Starting March 21

After being presented to the UK Parliament in February 2022, the UK’s new data transfer tools are now in force and ready for use.

Data Act: EU Proposes Rules for Accessing and Sharing Industrial Data

On February 23, 2022, the European Commission published its proposal for the Data Act, which aims to maximize the value of industrial data in the economy by ensuring that a wider range of stakeholders gain control over their industrial data – and that more data is available for innovative use […]

US Justice Department Appoints First National Cryptocurrency Enforcement Director

The US Department of Justice has announced the appointment of Eun Young Choi as the first director of the National Cryptocurrency Enforcement Team. Choi has been a DOJ prosecutor for nearly a decade and most recently served as senior counsel to the deputy attorney general. Choi will lead the NCET in investigating […]

Cooley Privacy Talks: Overview of Privacy Enforcement Actions in the US and EU

This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA) – and all the other new data protection frameworks arising in […]

New York Passes Two Laws Protecting Employee Privacy

The city and state governments of New York each recently passed laws to protect employee privacy ­– one law addressing use of automated decision-making tools in job interviews and promotions, and the other addressing electronic monitoring of employee communications.