NIST Issues Preliminary Draft of Privacy Framework
Earlier this month, the National Institute of Standards and Technology (NIST) issued a Preliminary Draft of the Privacy Framework, which aligns with the NIST Cybersecurity Framework and is intended to help organizations better access and manage privacy risks during product and system design and development. Like the Cybersecurity Framework, the Privacy Framework is a voluntary […]
Closing Bell: California Legislature Passes Numerous CCPA Amendments and Other Privacy Bills on Final Day of 2019 Session
The last day of California’s 2019 legislative session on Sept. 13, 2019 saw a flurry of legislative activity as numerous CCPA amendments passed in the Assembly, after being amended in the Senate, and were sent to the governor for his consideration. The more substantial amendments sought by industry groups—including those […]
Nevada Privacy Law Gives Consumers Right to Opt Out of Sale of Personal Information, Following California’s Lead in CCPA
On May 29, 2019, Nevada passed a privacy law that gives consumers the right to opt out of the sale of their personal information. The law, SB 220, contains provisions that are similar to the California Consumer Privacy Act (CCPA)’s new requirements to allow consumers to opt out of the sale […]
CCPA Amendments: Expanded Private Right of Action Blocked; Exclusion of HR Data Advances
A number of bills seeking to amend the California Consumer Privacy Act of 2018 (CCPA) have been introduced this year, none more closely watched than SB 561, which would have extended the private right of action under the CCPA from security breaches to any violation of the CCPA. Despite support […]
Brexit and its Possible Impact on Data Transfers
In its strictest construction, what ‘Brexit’ means is clear, what it entails and what comes next is absolutely not. Therefore, this article will not focus on matters relating to any such future relationship, but rather only on the terms on which the UK may leave the EU and how that […]
California Consumer Privacy Act of 2018 – Full Text
For your ease of reference, we reproduce here a formatted, hyperlinked copy of the California Consumer Privacy Act of 2018 (CCPA), current as of February 4, 2020. We’ve included in parentheses the general topic for each section, though this our own interpretation and not set out in the CCPA itself. […]
GDPR DPO University – October 18
On Thursday, October 18, Cooley’s cyber/data/ privacy practice will be holding GDPR DPO University in our New York office. The EU General Data Protection Regulation has required many organizations to appoint Data Protection Officers. With demand for DPOs far outstripping the supply, many newly-minted DPOs need to quickly develop data […]
GDPR and AML – a perfect pair?
The General Data Protection Regulation (GDPR) has been one of the most highly anticipated and talked about changes to the legal sphere in years, affecting the vast majority of businesses and individuals alike. The primary focus to date has been on the implementation deadline of 25 May 2018 and the […]
FAQs on the California Consumer Privacy Act of 2018 – Part 1: The Basics
This post does not reflect amendments to the California Consumer Privacy Act (CCPA) enacted on October 11, 2019. Check back for updates or follow this blog. On June 28, 2018, the California Legislature passed Assembly Bill 375 and enacted the California Consumer Privacy Act of 2018 (the “CaCPA” or the “Act”). The […]
Crypto Up Next for IRS Enforcement
In an effort to maximize its limited resources, the IRS’ Large Business and International Division has been identifying issues that present greater risks of noncompliance. The list of identified issues has been growing since January 2017. Recently, the IRS added cryptocurrency to its list of compliance campaigns. In 2014, the […]