Month: July 2023

White House Releases National Cybersecurity Strategy Implementation Plan

On July 13, 2023, the White House unveiled its National Cybersecurity Strategy Implementation Plan (NCSIP or implementation plan), following the release of the National Cybersecurity Strategy. The implementation plan identifies five pillars that align with the strategy: The administration identified two key motivations for the strategy and implementation plan: The […]

Irish Circuit Court Awards Damages for ‘Non-Material’ Harm Under GDPR

On 11 July 2023, the Circuit Court of Ireland awarded 2,000 euros in compensation to a plaintiff seeking ‘non-material damage’ under Article 82 of the General Data Protection Regulation, in what is believed to be the first case in the European Union to follow the recent Court of Justice of […]

California Attorney General Announces Investigative Sweep Focused on Employment-Related Data

On July 14, 2023, the office of the California attorney general announced an investigative sweep of “large California employers” to request “information on the companies’ compliance with the California Consumer Privacy Act (CCPA) with respect to the personal information of employees and job applicants.” The attorney general has previously conducted […]

Transatlantic Data Economy Simplified: European Commission Adopts Adequacy Decision for EU-US Data Privacy Framework

On 10 July 2023, the European Commission adopted its adequacy decision concluding that the EU-US Data Privacy Framework provides an adequate level of protection for personal data transferred from the European Union (EU) to US companies. Approved by the US following President Joe Biden’s executive order in October 2022, the framework […]

Enforcement of CPRA Regulations Delayed Until 2024

A California court order has delayed enforcement of the implementing regulations for the California Privacy Rights Act of 2020 (CPRA) until March 29, 2024. The California Superior Court of Sacramento County issued the court order on Friday, June 30 — one day before enforcement of the CPRA regulations was originally […]