Author

Lothar Determann

Browsing

On February 7, 2020, the California Attorney General released its revised draft implementing regulations for the California Consumer Privacy Act. The revised regulations are not yet final. The California AG will accept written comments regarding the updated regulations until 5:00 pm (PST) on Tuesday, February 25, 2020. The following is a high-level overview of the key new requirements under the updated regulations that are important for businesses to consider in connection with their CCPA compliance…

In the flurry of bills relating to the California Consumer Privacy Act (CCPA), the California Legislature also enacted a law requiring data brokers to register, following a similar (but not identical) law in Vermont (see, https://iapp.org/news/a/analysis-vermonts-data-broker-regulation/) and attention by Congress, the FTC and advocates to data brokers in prior years (https://iapp.org/news/a/ftc-calls-for-legislative-action-to-regulate-data-brokers/). California lawmakers placed the broker law right before CCPA in the California Civil Code and clarified in Cal. Civ. Code §1798.99.88 that “Nothing ……

The European Union’s highest court, the Court of Justice of the European Union (CJEU), is evaluating the legitimacy of the EU standard contractual clauses (SCC). SCCs have been the bedrock of cross-border personal data transfers outside the EU for many years. Today, the advocate general (a.g.) has rendered an opinion on the Schrems II case. By way of brief background, Schrems II is a case before the Court of Justice of the European Union (CJEU)…

In January 2019, the U.S. Department of Justice published an opinion declaring that the agency interprets the federal Wire Act, which prohibits certain types of betting businesses in the U.S., to apply to gambling activities outside of sporting events and contests. This essentially reverses the Department of Justice’s opinion in 2011 that the Wire Act only applies to sports gambling. Therefore, businesses involved in interstate gambling activities of any type, such as lotteries and casino…

Effective January 1, 2020, according to a new Cal. Civ. Code § 1798.91.04(a), manufacturers of connected devices offered for sale or sold in California must equip such devices with reasonable security features to protect the device and any information contained in them from unauthorized access, destruction, use, modification, or disclosure. Unlike the GDPR and other data privacy laws, which impose obligations on data controllers and processors, the Californian law applies to organizations irrespective of whether…