Results for: consumer privacy act
European Regulator Announces Strategic Data Protection Objectives for Upcoming Years
On 15 December 2020, the EU data protection regulator – the European Data Protection Board – adopted its Strategy for 2021-2023, which outlines its objectives and key actions for the upcoming years. At the outset, the EDPB recalls that its strategy, as well as its work in general, are guided […]
Cybersecurity Governance for Maturing Companies
With cyber resilience top of mind for investors, shareholders, regulators and the plaintiffs’ bar, growing organizations can no longer afford to put their cybersecurity efforts on the back burner. Building a cybersecurity program has become an essential element in the growth strategy. But where do you begin? Cooley’s cyber/data/privacy lawyers […]
AI and Algorithms: FTC Issues Guidance for Companies Amid Heightened Scrutiny
Even before the COVID-19 crisis, artificial intelligence and algorithms, particularly in the context of pricing, were a focus of the Federal Trade Commission and the Department of Justice’s Antitrust Division. With the COVID-19 pandemic shining a spotlight on online platforms and sellers using algorithms to set prices, it is particularly […]
Fashion ID Case: CJEU Rules on Plug-ins and Joint Controllership
On 29 July 2019, the Court of Justice of the European Union handed down its decision in the Fashion ID case, dealing with alleged unlawful data collection through the Facebook Like button and the controllership of said data. In short, the CJEU held that websites containing embedded third-party content can […]
The Department of Health and Human Services Issues Guidelines on Cybersecurity
On December 28, 2018, the U.S. Department of Health and Human Services (“HHS”) released the “Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients” publication (the “Cybersecurity Guidelines”), which provides voluntary cybersecurity practices designed to reduce security risks and improve security for various healthcare organizations. Specifically, the Cybersecurity Guidelines […]
Brazil’s New Data Protection Law: The LGPD
Updated September 3, 2019 Our post on key updates to the LGPD can be found here The global data protection landscape continues to evolve, and Brazil is the latest country to enact an omnibus law governing how organizations collect, use, disclose and otherwise process personal data. Beginning on August 16, […]
Introduction to Europe’s General Data Protection Regulation
What is it? The GDPR is a European law that will govern how companies (whether EU-based or not) use personal data. It replaces the existing law on use of personal data and comes into force on 25 May 2018. Many aspects of the existing law will remain in place, including the data […]