Rigorous Privacy and InfoSec Requirements May Be in Store for Companies That Accept Government Equity Stakes
Federal government agencies, government-controlled corporations and some government contractors must comply with robust federal laws that govern federal agencies’ privacy and information security practices – the Privacy Act and FISMA, respectively. Now, these laws may apply to companies that accept federal government aid under the Coronavirus Aid, Relief, and Economic […]
US Guidance on Collection, Use and Disclosure of Personal Information to Combat COVID-19
Companies are working hard to balance the privacy of their employees and the need to keep employees informed and safe. Many have encouraged employees and visitors to report if they experience COVID-19 symptoms or have otherwise been exposed to the virus through travel or their communities. They have collected this […]
Data Protection Post-Brexit: Business as Usual (at Least Until 2021)
The United Kingdom left the European Union at 11:00 pm on January 31, 2020. However, the UK has entered into transitional arrangements with the EU under which the existing data protection frameworks established by the GDPR, including the EU-US Privacy Shield, will continue to apply until December 31, 2020 (the period until […]
Tardy for the CCPA Party? Tips for Your Last Month Before the Deadline
With a month left before the January 1, 2020 deadline to comply with the California Consumer Privacy Act, covered businesses should ideally be well on their way to compliance. But what if you procrastinated and find yourself tardy for the CCPA compliance party? Here are a few practical, last-minute tips […]
The DAA Announces the Development of New CCPA Tools for Ad Industry
On November 25, 2019, the Digital Advertising Alliance announced it is developing cross-industry tools for publishers, brands, agencies and adtech to provide a mechanism to opt out under the California Consumer Privacy Act, which takes effect on January 1, 2020. These tools align with the DAA’s self-regulatory guidelines and are […]
Effort to Exempt “HR Data” from CCPA Falters
Labor groups concerned about employee privacy have succeeded in slowing the effort to pass legislation exempting employer-held information from the California Consumer Privacy Act (“CCPA”). Thanks to their intervention, the proposed legislation – AB 25 – has been revised to provide that the CCPA will apply to personal information of […]
Standing to be Dismissed – The U.S. D.D.C. Weighs in on “Actual Damage” in Data Breach Litigation
In Attias v. CareFirst, Inc., the U.S. District Court for the District of Columbia (D.D.C.) jumpstarted the debate concerning the harm plaintiffs must allege to move forward with data breach class action litigation. In recent years, courts across the country have disagreed about what constitutes an “injury-in-fact” when an individual’s […]
At GDPR’s One Year Mark, Continued Compliance Efforts are Key and Can Help with CCPA Compliance
With the EU General Data Protection Regulation (the “GDPR”) now over a year old, companies may feel that their data privacy challenges have settled down and that their GDPR work is complete. While that may be true for some companies, the reality for most is that their GDPR compliance efforts […]
GDPR: Looking to the Year Ahead
On 30 May 2019, the UK data protection regulator, the Information Commissioner’s Office (ICO) published a report, reflecting on its experiences over the year since the introduction of the General Data Protection Regulation (2016/679) (GDPR) and sharing its learnings.
Significant GDPR enforcement action imminent
The EU General Data Protection Regulation (the “GDPR”) has been in force for just under a year now. Prior to its coming into effect, a key topic of concern for many companies was the ability of Supervisory Authorities (EU Data Protection regulators) to impose potentially enormous fines. In the run […]