Category: Policy & Legislation
A Methodology for Conducting Data Transfers in a Post Schrems II World
On November 10, 2020, the European Data Protection Board issued two new pieces of guidance. Read together, they outline a detailed methodology to follow when conducting data transfers under the EU General Data Protection Regulation – such guidance has been keenly anticipated following the Court of Justice for the European […]
California Voters Pass the California Privacy Rights Act of 2020
California voters appear to have approved Proposition 24, a proposal to adopt the California Privacy Rights Act of 2020 (CPRA). As of this posting, California voters had voted “yes” on the measure by a 55-44% margin with 71% of precincts reporting. Most major media outlets have projected that the measure […]
Third Proposed Revisions to the CCPA Regulations: New Illustrative Examples and Minor Changes
On October 12, 2020, the California Attorney General published a third set of proposed modifications to the regulations adopted pursuant to the California Consumer Privacy Act. This follows revisions proposed in February and March 2020 that were largely approved following review by the Office of Administrative Law. As a reminder, […]
CFIUS Rule Puts National Security Spotlight on Investments that Result in Foreign Access to Sensitive Personal Data
Personal data is now a strategic asset under federal regulations. On October 15, 2020, a Final Rule by the Committee on Foreign Investment in the United States (CFIUS or the Committee) will become effective, imposing new requirements for foreign investment in light of national security risks related to sensitive personal […]
Second Largest GDPR Fine Issued in Germany
On October 1, 2020, the Data Protection Authority of Hamburg (the Hamburg DPA) announced that it had fined a German subsidiary of the clothing retailer H&M (H&M Germany) €35.2 million (approximately US $41 million at the time of writing) for data protection violations relating to the excessive monitoring of “several […]
Swiss Data Protection Authority Finds Swiss-US Privacy Shield Inadequate
Key takeaways Switzerland aligns with the Schrems II decision +5,000 organizations impacted by the Swiss announcement Contractual and technical measures, on an ad hoc basis, could be put in place to adequately protect data Absent viable measures that meet Swiss law requirements, parties should not engage in cross-border data transfers […]
European Parliament Debates the Impact of Schrems 2 on EU-US Data Transfers
On 3 September 2020, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (the LIBE Committee) held a debate with the EU Commission, the European Data Protection Board and Max Schrems himself to discuss the impact of the Court of Justice of the European Union judgment in the […]
California Legislature Passes One-Year Extension of CCPA’s Human Resources and B2B Exemptions
On August 30, 2020, the California Legislature passed Assembly Bill 1281, which would extend until January 1, 2022 the exemptions under the California Consumer Privacy Act for certain human resources and business-to-business information. Governor Newsom has until September 30, 2020 to sign or veto AB 1281. If the governor takes […]
LGPD Update: Brazil’s Data Protection Law Moves Closer to Taking Effect
Brazil’s data protection law, Lei Geral de Proteção de Dados (LGPD) (English translation available here), took a significant step forward on August 26, 2020, when the Brazilian Senate rejected the Chamber of Deputies’ proposal to postpone the LGPD’s effective date until December 31, 2020. The Senate also adopted a proposal […]
CCPA Regulations Take Effect August 14, 2020, California AG Announces Final Revisions
On August 14, 2020, the California Attorney General announced that the state’s Office of Administrative Law approved the AG’s proposed regulations pursuant to the California Consumer Privacy Act. The final regulations, which took immediate effect on the day of the announcement, reflect the withdrawal of the following provisions (as well […]