Tag: personal data
Understanding Washington’s My Health My Data (MHMD) Act: Applicability, Scope and Requirements
On January 31, 2024, Cooley lawyers Brooke Fritz and Andrew Epstein led a virtual presentation on Washington state’s My Health My Data (MHMD) Act. Below are some key highlights from the discussion. The MHMD Act’s origins and purposes:In an effort to close the “gap” that exists between consumer knowledge and […]
New Hampshire and New Jersey Pass Comprehensive Consumer Privacy Laws
The proliferation of state consumer privacy laws continues into 2024. On March 6, 2024, New Hampshire Gov. Chris Sununu signed SB255, the New Hampshire Privacy Act (NHPA), making New Hampshire the 14th state to enact a comprehensive privacy law. Similarly, on January 16, 2024, New Jersey Gov. Phil Murphy signed […]
Inundated With Requests Under New Jersey’s Daniel’s Law?
A flood of class action lawsuits have been filed against companies alleging violations of New Jersey’s Daniel’s Law. The statute – enacted after the son of a New Jersey federal judge was fatally shot by a disgruntled lawyer – is designed to protect judicial officials, law enforcement officers, child protective […]
Washington Attorney General Publishes Updated FAQ for My Health My Data Act
Without much fanfare, the Washington attorney general’s office updated its My Health My Data (MHMD) Act guidance FAQ in January 2024. Specifically, the updated guidance states that the consumer health data privacy policy must have its own “separate and distinct link” on a regulated entity’s homepage and “may not contain […]
Changes are Expected to the EU One-Stop-Shop Mechanism
Authored by Patrick Van Eecke, Loriane Sangaré-Vayssac and Enrique Capdevila this article was originally published in Privacy Laws & Business International Report, December 2023. Patrick van Eecke, Loriane Sangaré-Vayssac and Enrique Capdevila of Cooley analyse the updated guidelines for identifying the Lead Supervisory Authority and the draft GDPR Procedural Regulation. […]
Landmark Decision Handed Down on ICO’s Responsibilities in Handling Subject Access Requests
On 10 October 2023, the England and Wales Court of Appeal handed down its decision in Delo, R. (On the Application Of) v. The Information Commissioner, in which it upheld an earlier High Court ruling that the UK’s data protection regulator, the Information Commissioner’s Office (ICO), is not obliged to […]
China Loosens Cross-Border Data Transfer Controls
On September 28, 2023, the Cyberspace Administration of China (CAC) released draft Provisions on Regulating and Promoting Cross-Border Data Flows (see the Chinese version and the unofficial English translation) for public comments. The commenting period ends on October 15, 2023. While this draft is subject to change after the commenting […]
UK-US Data Bridge Gets Green Light
Closely following the establishment of the EU-US Data Privacy Framework (DPF) – see our July 2023 post – the UK has now agreed to an extension for the transfer of personal data from the UK to the US, known as the UK Extension to the EU-US Data Privacy Framework, or […]
CFPB Announces Plans to Extend FCRA to Data Brokers through Rulemaking
At an August 15, 2023, White House roundtable, Consumer Financial Protection Bureau (CFPB) Director Rohit Chopra announced plans to issue rules that would extend the Fair Credit Reporting Act (FCRA) to certain “data broker practices.” This announcement and a concurrently issued fact sheet come on the heels of a March […]
China Issues Measures on Generative Artificial Intelligence Services
On July 13, 2023, the Cyberspace Administration of China (CAC) and six other Chinese government agencies jointly released the final version of the Interim Administrative Measures for Generative Artificial Intelligence Services (see the Chinese version here). These measures will enter into force on August 15, 2023. For background, the CAC […]