Tag

Data Privacy & Security

Browsing

In brief The draft of the Indonesian Personal Data Protection Law (“PDP Law”) was approved to become law by the Indonesian Parliament (Dewan Perwakilan Rakyat Republik Indonesia) on 20 September 2022. With this approval, we are nearing the end of the process of an ambitious piece of legislation, which took several years to get approval. For several years, Indonesia has only relied on various diverse regulations that contain privacy provisions without one comprehensive umbrella law on…

Businesses that have implemented compliance measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (“CCPA”) can leverage existing compliance mechanisms designed to comply with the CCPA to satisfy requirements under the Utah Consumer Privacy Act (“UCPA”), which will become operative on December 31, 2023. Most companies will not need to expand the scope of their CCPA-focused privacy notices to cover Utah residents exactly…

Businesses that have implemented compliance measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (“CCPA”) can leverage existing vendor contract terms, website disclosures and data subject right processes to satisfy requirements under Nevada’s Revised Statutes Chapter 603A (www.leg.state.nv.us/Division/Legal/LawLibrary/NRS/NRS-603A.html). Most companies will not need to expand the scope of CCPA-focused privacy notices, because the Nevada laws are much more narrowly framed. But, companies may…

*Article originally posted on IAPP.org* On Aug. 31, hopes were dashed when the California legislative session ended without enacting Assembly Bill 1102. The bill would have extended grace periods for certain business-to-business and human resources personal information under the California Consumer Privacy Act as amended by the California Privacy Rights Act. CCPA/CPRA will become fully operational on Jan. 1, 2023, for B2B and HR personal information and will be subject to the same rigorous California privacy regulations…

In brief The California Privacy Rights Act of 2020 (CPRA) amended the California Consumer Privacy Act of 2018 (CCPA) with most changes taking effect on 1 January 2023 with a twelve-month look-back. Limited exceptions concerning the personal data of employees and business contacts will expire. The new California Privacy Protection Agency (CPPA) has published draft regulations that will, once finalized, expand on the rules in the statute and existing regulations from the California Attorney General. The CPPA is…

In this episode, Manh Hung Tran, head of the Intellectual Property and Technology Practice Group in Vietnam, is joined by Dominic Edmondson, Special Counsel in our IP Tech group based in Hong Kong, as they discuss the latest developments in the data privacy landscape in Asia. Listen in to learn about the wave of new privacy laws across the region and the new sets of requirements that they entail, as well as: How GDPR has…

In this episode, Paul Glass, head of Cybersecurity in the UK, is joined by Teresa Michaud, co-chair of the North America Class Action subgroup, and Stephen Reynolds, partner based in Chicago, as they discuss consumer class actions in relation to data breaches and security incidents. Listen in to hear about: overriding themes that have characterized the last year of US class action litigationcybersecurity and data privacy trends and significant developments in the class action space,…

On April 28, 2022, the Connecticut State House passed Senate Bill (‘SB’) 6 for An Act Concerning Personal Data Privacy and Online Monitoring (‘the Act’), following its earlier passage by Connecticut’s Senate.  If enacted, the Act would take effect on 1 July 2023. Like California, Virginia, and Colorado, the Act would include several consumer rights, including the rights of access, correction, deletion, data portability, and the right to opt-out of targeted advertising, the sale of…

In this episode, Harry Valetk is joined by partners Francesca Gaudino, based in Milan, and Michaela Nebel, based in Frankfurt, as they discuss privacy notice obligations. Listen in to hear about whether or not data privacy notifications are still relevant and other key considerations that may be overlooked including: How often companies and data protection officers should review their noticesEmployee vs. customer privacy noticesOnline vs. offline privacy noticesLanguage requirements and more https://open.spotify.com/episode/0oqo22X8U2xPCznVDqUJtp Want to Learn…

In this uncertain time, some global companies are announcing that they are “leaving Russia.”  What does it mean to “leave Russia,” and what are the data privacy implications of doing so?  Setting aside the broader business, political, and other legal considerations, the following are some initial thoughts on these challenging and rapidly developing data privacy issues. What does it mean for a global company to “leave Russia”? The specifics of the answer to this question…