All posts by Cooley

Virginia Becomes Second US State to Enact Comprehensive Privacy Law

Last week, Virginia’s governor signed into law the Consumer Data Protection Act, which will take effect on January 1, 2023. This makes Virginia the second state in the US to pass a comprehensive data privacy law. California became the first with the enactment of the California Consumer Privacy Act of […]

The European Commission Publishes Draft UK Adequacy Decision

What has happened? The European Commission has published its draft decision on February 19, 2021 granting data protection adequacy status to the UK under Article 45(3) of the GDPR. The draft decision is currently under review by the European Data Protection Board, which will issue its opinion (not binding) in […]

Global Privacy Roundup: The World Beyond Europe and California

Since Europe’s General Data Protection Regulation took effect in May 2018, a growing number of legislatures around the world have introduced comprehensive data protection laws that emulate the GDPR or have updated existing laws to align with it. California became the first major non-European economy to catch the GDPR wave […]

Brexit: Good News Regarding Transfers of Personal Data from the EEA to the UK

What has happened? The draft UK-EU post-Brexit Trade Deal provides that transfers of data to the UK from EU Member States will not be treated as “restricted transfers” to a non-EU country for a period of up to six months from January 1, 2021. This will also apply to transfers to […]

Data Protection and Brexit: Key Areas to Consider

For better or for worse: 2020 is shortly coming to an end. This means that the end of the Brexit transition period is also just around the corner. Background On December 31, 2020, the post-Brexit transitional arrangements between the EU and the UK will expire. However, the EU GDPR will […]

California Voters Pass the California Privacy Rights Act of 2020

California voters appear to have approved Proposition 24, a proposal to adopt the California Privacy Rights Act of 2020 (CPRA).  As of this posting, California voters had voted “yes” on the measure by a 55-44% margin with 71% of precincts reporting.  Most major media outlets have projected that the measure […]

Third Proposed Revisions to the CCPA Regulations: New Illustrative Examples and Minor Changes

On October 12, 2020, the California Attorney General published a third set of proposed modifications to the regulations adopted pursuant to the California Consumer Privacy Act. This follows revisions proposed in February and March 2020 that were largely approved following review by the Office of Administrative Law. As a reminder, […]

Second Largest GDPR Fine Issued in Germany

On October 1, 2020, the Data Protection Authority of Hamburg (the Hamburg DPA) announced that it had fined a German subsidiary of the clothing retailer H&M (H&M Germany) €35.2 million (approximately US $41 million at the time of writing) for data protection violations relating to the excessive monitoring of “several […]

Cybersecurity Governance for Maturing Companies

With cyber resilience top of mind for investors, shareholders, regulators and the plaintiffs’ bar, growing organizations can no longer afford to put their cybersecurity efforts on the back burner. Building a cybersecurity program has become an essential element in the growth strategy. But where do you begin? Cooley’s cyber/data/privacy lawyers […]

European Parliament Debates the Impact of Schrems 2 on EU-US Data Transfers

On 3 September 2020, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (the LIBE Committee) held a debate with the EU Commission, the European Data Protection Board and Max Schrems himself to discuss the impact of the Court of Justice of the European Union judgment in the […]