Author

Helena Engfeldt

Browsing

On March 24, the Utah Consumer Privacy Act (UCPA) was signed into law. It will take effect on December 31, 2023. UCPA generally has a narrower scope of application than the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), and the General Data Protection Regulation (GDPR). It has multiple threshold requirements for applicability, excludes Utah residents acting in an employment or commercial context from protection (like…

2022 is looking to be an unprecedented year for California companies’ privacy law obligations. The California Privacy Rights Act (CPRA) takes effect on January 1, 2023, with a twelve-month look-back that also applies to the personal data of employees and business contacts. The new California Privacy Protection Agency is preparing regulations that will sit on top of existing rules from the California Attorney General. Meanwhile, the California Legislature is enacting privacy laws even though it has not…

In brief On “Privacy Day” – California Attorney General Rob Bonta announced an investigative sweep targeted at the data collection practices of businesses running consumer loyalty programs in California and issued notices of non-compliance to a number of “major corporations” in the retail, home improvement, travel, and food services industries. Such loyalty programs offered financial incentives to consumers (e.g., discounts, free items, and other rewards) in exchange for their personal information. Under the California Consumer Privacy Act…

*Article originally posted on IAPP.org* Privacy professionals around the world are feverishly working on configuring and implementing the European Union’s new Standard Contractual Clauses (“SCCs”). On September 27, 2021, companies in the European Economic Area (EEA) must not enter into new cross-border data transfer arrangements with companies in the United States and most other countries, unless the recipient outside the EEA agrees to the new SCCs (Elisabeth Dehareng, Francesca Gaudino and Brian Hengesbaugh, The road ahead…

US employers want employees to return to the brick and mortar workplace but with the COVID-19 Delta variant rampaging across the US and elsewhere, many employers are requiring employees to be vaccinated before they return – and they are requiring proof of vaccination. So, what can employers do to track the vaccination status of their employees? In this Quick Chat video, our Labor and Employment and Data Privacy lawyers discuss risks and best practices for US employers on tracking…

In the privacy world, there is no rest for the weary. In California, while most companies were just getting their programs running to address the California Consumer Privacy Act (“CCPA”), including some last minute changes to address the final version of the regulations issued in late fall 2020, the California Privacy Rights Act (“CPRA”) was officially certified on December 16, 2020 following voter approval in another privacy referendum in the November 2020 elections. CPRA sharpens…

Based on preliminary election results, Californians voted to enact the California Privacy Rights Act (“CPRA”), expanding and revising the California Consumer Privacy Act of 2018 (“CCPA”) effective January 1, 2023 with a one-year look-back to January 1, 2022 for some provisions. Companies around the world with business ties to California should start updating vendor contracts and prepare for new requirements under the statute and revised regulations to be issued by a new California Privacy Protection…

Multinational organizations subject to privacy laws, such as the EU General Data Protection Regulation, are sometimes also subject to seemingly conflicting trade law. One area of US trade law requires that before exporting certain products or technologies, companies screen against US sanctions lists to prevent the goods from being available to states or individuals deemed bad actors. The lists often contain sensitive information, including personal data relating to suspected or confirmed criminal liability. Click here…