European Data Protection Board Publishes Opinions on European Commission’s Draft UK Adequacy Decision
The European Commission published on February 19, 2021 its draft decision granting data protection adequacy status to the UK under Article 45(3) of the GDPR. Once published, the European Commission submitted the draft decision to the European Data Protection Board for its review, which has just issued two opinions: Opinion […]
European Commission Proposes Stricter, More Encompassing Cybersecurity Obligations for Companies
The last months of 2020 saw impressive legislative activity by the European Commission, as it rolled out proposals for several regulations (namely, the Data Governance Act, the Digital Services Act and the Digital Markets Act), as well as proposed new Standard Contractual Clauses for international data transfers (expected to be […]
Improving Cyber Insurance Practice Should Be a Company’s Priority
The New York State Department of Financial Services recently issued guidance for New York-regulated property and casualty insurers to effectively manage the cyber insurance risk present in their insurance portfolio. The DFS’ guidance signals an effort to reduce overall volatility in the cyber insurance market, which has been compounded by […]
European Regulator Announces Strategic Data Protection Objectives for Upcoming Years
On 15 December 2020, the EU data protection regulator – the European Data Protection Board – adopted its Strategy for 2021-2023, which outlines its objectives and key actions for the upcoming years. At the outset, the EDPB recalls that its strategy, as well as its work in general, are guided […]
Regulating Big Data – European Commission Introduces Data Governance Bill
The European Commission published on November 25, 2020 a proposal for a Regulation on European Data Governance, also dubbed the Data Governance Act. It is one of several incoming pieces of legislation proposed at the EU level (including the Digital Services Act, expected in early December) in order to accomplish […]
Round 3: California AG Revises Proposed CCPA Regulations
On March 11, 2020, the California Attorney General released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act. These modifications include important updates to the first round of modifications that were released on February 10, 2020. We have summarized the notable changes below.
Round 2: California AG Revises Proposed CCPA Regulations
On February 7 and 10, 2020, the California Attorney General released modifications to the proposed regulations implementing the California Consumer Privacy Act. The modifications substantially revise the initial version of the proposed regulations released last October. Notable changes focus on the following topics: Definitions of “personal information” and other key […]
Schrems 2.0 – The Advocate General’s Opinion
Background The Court of Justice of the European Union Advocate General issued his much?anticipated opinion in the case commonly known as “Schrems 2.0.” The AG’s opinion is not legally binding. However, it is likely to influence the CJEU’s decision in the case, which is expected to be handed down […]
Private and Public CCPA Enforcement Will Launch on January 1, 2020 Despite California AG Delay
As we approach the January 1, 2020 effective date of the California Consumer Privacy Act (CCPA), many companies are feeling in the dark about how and when the CCPA will be enforced. Will the California Attorney General call on January 2nd? Will plaintiffs’ lawyers serve complaints on January 3rd? Will […]
LinkedIn Data Scraping Case Shows 9th Circ. Shift On CFAA
When may a company legally scrape data from another company’s website? Does it matter whether the website is open to the public or only to logged-in users? This is a contested area of law under the Computer Fraud and Abuse Act, 18 U.S.C. Section 1030, the federal statute that imposes […]