Category: Policy & Legislation
Part 2: PIPL and GDPR Compliance Obligations on Cross-Border Transfers of Personal Information
As explained in our previous blog post, in addition to the requirements for adopting a cross-border transfer mechanism, China’s Personal Information Protection Law (PIPL) and the European Union’s General Data Protection Regulation (GDPR) set out further compliance obligations on the cross-border transfer of personal information.[1] Before controllers (under the GDPR) […]
Cross-Border Data Transfers: PIPL vs. GDPR vs. CCPA
Multinational companies often encounter questions regarding if and when they can transfer personal information[1] across borders. The People’s Republic of China’s Personal Information Protection Law (PIPL) adds new considerations for these inquiries[2], such as: Can employers in the China store their Chinese employees’ personal information on databases hosted in foreign […]
Cooley Privacy Talks: European Data Transfers: Where Do We Stand Now?
This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA) – and all the other new data protection frameworks arising in […]
New UK International Data Transfer Tools in Force Starting March 21
After being presented to the UK Parliament in February 2022, the UK’s new data transfer tools are now in force and ready for use.
Data Act: EU Proposes Rules for Accessing and Sharing Industrial Data
On February 23, 2022, the European Commission published its proposal for the Data Act, which aims to maximize the value of industrial data in the economy by ensuring that a wider range of stakeholders gain control over their industrial data – and that more data is available for innovative use […]
US Justice Department Appoints First National Cryptocurrency Enforcement Director
The US Department of Justice has announced the appointment of Eun Young Choi as the first director of the National Cryptocurrency Enforcement Team. Choi has been a DOJ prosecutor for nearly a decade and most recently served as senior counsel to the deputy attorney general. Choi will lead the NCET in investigating […]
Cooley Privacy Talks: Overview of Privacy Enforcement Actions in the US and EU
This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA) – and all the other new data protection frameworks arising in […]
New York Passes Two Laws Protecting Employee Privacy
The city and state governments of New York each recently passed laws to protect employee privacy – one law addressing use of automated decision-making tools in job interviews and promotions, and the other addressing electronic monitoring of employee communications.
France Issues Processor Guidelines on “Reusing Personal Data to Improve or Develop Services or Products”
On January 12, 2022, the French Data Protection Authority (CNIL) issued guidance (available in French only) that sets out the conditions for processors to reuse the personal data entrusted by controllers for their own purposes. The CNIL notably refers to a scenario where a processor wants to reuse the personal […]
New UK International Data Transfer Tools Presented to UK Parliament
Background Standard contractual clauses are one of the key tools relied upon by organizations that transfer personal data to recipients in ‘inadequate’ countries under the UK and/or the EU General Data Protection Regulation. However, unlike in the European Union – where new SCCs were adopted in 2021 (the “New EU […]