Breach of Patients’ Data Leads to Heavy Sanctions in France
At the end of February 2021, the French Data Protection Authority (CNIL) found out via the media about a massive personal data breach involving health-related data of about 500,000 French patients. After more than a year of investigation, CNIL has published its decision (available in French only) imposing a fine […]
EU Data Governance Act: Europe Regulating Big Data
What you need to know in a nutshell The Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance will go by its short name: Data Governance Act (DGA). The DGA was published in the Official Journal of the European Union […]
Cooley Privacy Talks: UK Privacy Update
This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA) – and all the other new data protection frameworks […]
China’s New National Privacy Law: The PIPL
As the world continues to work from home in the wake of COVID-19, and companies lean on online technologies to conduct their businesses and service their customers, the People’s Republic of China (home to the most online users in the world), is one of the latest countries to pass a […]
DOJ Increases Efforts to Combat Cyber Breaches by Targeting Government Contractors
The US Department of Justice is increasing its arsenal to pursue cyber-related fraud by government contractors and grant recipients. The program, called the “Civil Cyber-Fraud Initiative,” was announced by Deputy Attorney General Lisa Monaco on Wednesday. The initiative – along with other recent steps taken by the federal government – […]
GDPR Three Years on the Road: The 10 Key Developments You Should Know
On the third anniversary of the General Data Protection Regulation, Cooley started a series of webinars focused on the GDPR. Our first webinar covers what we consider “the Top 10 key developments you should know” concerning the implementation of this ground-breaking personal data privacy regime.
Virginia Becomes Second US State to Enact Comprehensive Privacy Law
Last week, Virginia’s governor signed into law the Consumer Data Protection Act, which will take effect on January 1, 2023. This makes Virginia the second state in the US to pass a comprehensive data privacy law. California became the first with the enactment of the California Consumer Privacy Act of […]
The European Commission Publishes Draft UK Adequacy Decision
What has happened? The European Commission has published its draft decision on February 19, 2021 granting data protection adequacy status to the UK under Article 45(3) of the GDPR. The draft decision is currently under review by the European Data Protection Board, which will issue its opinion (not binding) in […]
Global Privacy Roundup: The World Beyond Europe and California
Since Europe’s General Data Protection Regulation took effect in May 2018, a growing number of legislatures around the world have introduced comprehensive data protection laws that emulate the GDPR or have updated existing laws to align with it. California became the first major non-European economy to catch the GDPR wave […]
Brexit: Good News Regarding Transfers of Personal Data from the EEA to the UK
What has happened? The draft UK-EU post-Brexit Trade Deal provides that transfers of data to the UK from EU Member States will not be treated as “restricted transfers” to a non-EU country for a period of up to six months from January 1, 2021. This will also apply to transfers to […]