Category: Policy & Legislation
Cooley Privacy Talks: Reconciling the GDPR With the Clinical Trial Regulation (CTR)
This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA) – and all the other new data protection frameworks […]
‘Controller,’ ‘Processor’ and ‘Transfer’: Some GDPR Concepts Re-Explained
Happy Data Privacy Day! Many companies are still struggling with some basic concepts of the General Data Protection Regulation, such as “controller,” “processor” and “transfer” of personal data. The European Data Protection Board (EDPB) has tried to shed some light on these concepts in its guidelines on the concepts of […]
PRC’s New Efforts to Facilitate Data Trading: Shanghai Data Exchange Kicks Off Trading
The new year ushered in a new way to commoditize personal data: the Shanghai Data Exchange (SDE). With the Personal Information Protection Law (PIPL) becoming effective on November 1, 2021 – as well as the Data Security Law (DSL) effective September 1, 2021, and the Cybersecurity Law (CSL) effective June […]
You’re Invited: Privacy Talks – Session 3 – Overview of Privacy Enforcement Actions in the US and EU
Join cyber/data/privacy vice chair and partner Patrick Van Eecke, partner, Tiana Demas and associate, Claire Blakey on Tuesday, January 11, 2022 from 9:00 am – 10:00 am Pacific Standard Time as they discuss “Overview of Privacy Enforcement Actions in the US and EU.” The lawyers will address the following questions: […]
Cooley Privacy Talks: UK Privacy Update
This post relates to Cooley’s Privacy Talks series – a webinar program featuring Cooley practitioners discussing practical guidance and best practices around managing data protection-related issues. Sessions range from the European General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA) – and all the other new data protection frameworks […]
French Data Protection Authority CNIL on a Hunt for Cookies
France’s data protection authority (CNIL) has proved again its determination to continue its enforcement strategy by issuing some 30 new formal notices to comply with its new guidelines on cookies on December 14, 2021. Previously, about 60 organizations were served with formal notices for not allowing website visitors to refuse […]
‘Inbox Advertising’: Direct Marketing Rules Apply to Ads in Email Inboxes
On November 25, 2021, the Court of Justice of the European Union (CJEU) held in the case C-102/20 that the display of advertising messages in a form similar to an actual email among others in an inbox constitutes an electronic mail for direct marketing purposes. Hence, rules on direct marketing […]
China’s New National Privacy Law: The PIPL
As the world continues to work from home in the wake of COVID-19, and companies lean on online technologies to conduct their businesses and service their customers, the People’s Republic of China (home to the most online users in the world), is one of the latest countries to pass a […]
New Standard Contractual Clauses: 10 Things You Need to Know
On the third anniversary of the General Data Protection Regulation, Cooley launched a series of webinar focused on the GDPR. The GDPR permits the transfer of data from the European Union and the European Economic Area (EEA) to third countries using standard contractual clauses (SCCs), which are a useful mechanism […]
Cybersecurity: SEC Enforcement, Disclosure Controls and Risk Factor Disclosure
With the new leadership at the Securities and Exchange Commission, industry commentators expect the Division of Enforcement to be more aggressive in several arenas, including public company disclosure of cybersecurity incidents. While this has been a stated focus of the SEC for more than 10 years, enforcement cases relating to […]