All posts by Cooley

Europe’s Highest Court Invalidates the EU-US Privacy Shield, Casts Doubt on Viability of Model Clauses for Data Transfers to the US

On July 16, 2020, the Court of Justice of the European Union issued a decision that uprooted long-standing legal frameworks on which thousands of US and EU companies have relied to transfer personal data from the EU to the US.

California Attorney General Submits Final CCPA Regulations for Review

On June 1, the California Attorney General submitted its final proposed regulations implementing the CCPA to the California Office of Administrative Law (OAL) for its review and approval. The final regulations contain no material changes from the second modified draft regulations issued on March 11, 2020 (which is discussed in […]

Workplace Testing and Data Protection: Guidance for Employers

As the UK begins to ease lockdown measures, employers in all sectors are considering how their employees can return to work in the safest possible way. For many, this will include testing to check whether employees have (or have already had) COVID-19. Any employer wishing to carry out such testing […]

How the CLOUD Act is Likely to Trigger Legal Challenges

New York Law Journal “The CLOUD Act is about to stir up a legal storm. The act was originally passed in March 2018 to ensure US law enforcement officials could obtain information from US-based communications providers even if that information is stored overseas. But the act has another, more controversial provision: […]

Rigorous Privacy and InfoSec Requirements May Be in Store for Companies That Accept Government Equity Stakes

Federal government agencies, government-controlled corporations and some government contractors must comply with robust federal laws that govern federal agencies’ privacy and information security practices – the Privacy Act and FISMA, respectively. Now, these laws may apply to companies that accept federal government aid under the Coronavirus Aid, Relief, and Economic […]

US Guidance on Collection, Use and Disclosure of Personal Information to Combat COVID-19

Companies are working hard to balance the privacy of their employees and the need to keep employees informed and safe. Many have encouraged employees and visitors to report if they experience COVID-19 symptoms or have otherwise been exposed to the virus through travel or their communities. They have collected this […]

Data Protection Post-Brexit: Business as Usual (at Least Until 2021)

The United Kingdom left the European Union at 11:00 pm on January 31, 2020. However, the UK has entered into transitional arrangements with the EU under which the existing data protection frameworks established by the GDPR, including the EU-US Privacy Shield, will continue to apply until December 31, 2020 (the period until […]

Tardy for the CCPA Party? Tips for Your Last Month Before the Deadline

With a month left before the January 1, 2020 deadline to comply with the California Consumer Privacy Act, covered businesses should ideally be well on their way to compliance. But what if you procrastinated and find yourself tardy for the CCPA compliance party? Here are a few practical, last-minute tips […]

The DAA Announces the Development of New CCPA Tools for Ad Industry

On November 25, 2019, the Digital Advertising Alliance announced it is developing cross-industry tools for publishers, brands, agencies and adtech to provide a mechanism to opt out under the California Consumer Privacy Act, which takes effect on January 1, 2020. These tools align with the DAA’s self-regulatory guidelines and are […]

Effort to Exempt “HR Data” from CCPA Falters

Labor groups concerned about employee privacy have succeeded in slowing the effort to pass legislation exempting employer-held information from the California Consumer Privacy Act (“CCPA”).  Thanks to their intervention, the proposed legislation – AB 25 – has been revised to provide that the CCPA will apply to personal information of […]