Tag: feature
SEC Enforcement Targets Cybersecurity Disclosures Again
Securities and Exchange Commission Chairman Gary Gensler has pledged to bring a renewed focus to robust enforcement of the federal securities laws. As we observed in a recent blog post, under Chairman Gensler and Director Gurbir Grewal, the SEC’s Division of Enforcement will be more aggressive in several arenas—including public company […]
GDPR Three Years on the Road: The 10 Key Developments You Should Know
On the third anniversary of the General Data Protection Regulation, Cooley started a series of webinars focused on the GDPR. Our first webinar covers what we consider “the Top 10 key developments you should know” concerning the implementation of this ground-breaking personal data privacy regime.
Takeaways from the California Attorney General’s First-Year CCPA Enforcement Update
Just over one year ago, on July 1, 2020, the California attorney general began enforcing the California Consumer Privacy Act. To mark the one-year anniversary of enforcement actions, California Attorney General Rob Bonta provided an update on his office’s CCPA enforcement efforts over the past year (and published an accompanying […]
Virginia Becomes Second US State to Enact Comprehensive Privacy Law
Last week, Virginia’s governor signed into law the Consumer Data Protection Act, which will take effect on January 1, 2023. This makes Virginia the second state in the US to pass a comprehensive data privacy law. California became the first with the enactment of the California Consumer Privacy Act of […]
European Commission Proposes Stricter, More Encompassing Cybersecurity Obligations for Companies
The last months of 2020 saw impressive legislative activity by the European Commission, as it rolled out proposals for several regulations (namely, the Data Governance Act, the Digital Services Act and the Digital Markets Act), as well as proposed new Standard Contractual Clauses for international data transfers (expected to be […]
The European Commission Publishes Draft UK Adequacy Decision
What has happened? The European Commission has published its draft decision on February 19, 2021 granting data protection adequacy status to the UK under Article 45(3) of the GDPR. The draft decision is currently under review by the European Data Protection Board, which will issue its opinion (not binding) in […]
Improving Cyber Insurance Practice Should Be a Company’s Priority
The New York State Department of Financial Services recently issued guidance for New York-regulated property and casualty insurers to effectively manage the cyber insurance risk present in their insurance portfolio. The DFS’ guidance signals an effort to reduce overall volatility in the cyber insurance market, which has been compounded by […]
European Regulator Announces Strategic Data Protection Objectives for Upcoming Years
On 15 December 2020, the EU data protection regulator – the European Data Protection Board – adopted its Strategy for 2021-2023, which outlines its objectives and key actions for the upcoming years. At the outset, the EDPB recalls that its strategy, as well as its work in general, are guided […]
Global Privacy Roundup: The World Beyond Europe and California
Since Europe’s General Data Protection Regulation took effect in May 2018, a growing number of legislatures around the world have introduced comprehensive data protection laws that emulate the GDPR or have updated existing laws to align with it. California became the first major non-European economy to catch the GDPR wave […]
Brexit: Good News Regarding Transfers of Personal Data from the EEA to the UK
What has happened? The draft UK-EU post-Brexit Trade Deal provides that transfers of data to the UK from EU Member States will not be treated as “restricted transfers” to a non-EU country for a period of up to six months from January 1, 2021. This will also apply to transfers to […]