Tag

Data Privacy & Security

Browsing

In this episode, Brian Hengesbaugh, Global Chair of Privacy & Security, is joined by Ben Slinn, senior associate in London, as they discuss data privacy predictions across the globe for the year ahead. Listen in to hear about: The data protection regime in the UK post Brexit and what lies aheadTrends and issues that we are seeing from an EU perspectiveKey developments and significant changes on the horizon outside of the EU For a more…

In Fall 2022, the Office of the Privacy Commissioner of Canada (OPC) published a study it had funded on the privacy implications of direct-to-patient commercial virtual care platforms (VCPs) in Canada, technologies that allow healthcare practitioners to provide healthcare services to patients remotely. While the study does not constitute binding law or guidance, it is nonetheless noteworthy for operators of VCPs because (1) it identifies practices by commercial operators that the study describes as problematic…

In this episode, Brian Hengesbaugh, Global Chair of Privacy and Security, is joined by Anne Petterd, privacy and cybersecurity partner based in Sydney, as they discuss privacy in the metaverse, highlighting key concerns at the intersection of these two complex and cutting-edge issues. The two explore universal topics of trust, transparency and how they relate to personal data protection in the digital environment. Listen in to hear more about: What is the metaverse? Who controls…

On December 13, the European Commission (“EC”) announced a draft decision on the adequacy of the U.S data protection regime to protect the personal data of European Union (“EU”) residents, the EU-U.S. Data Privacy Framework (“DPF”). The DPF, which was initially announced in March 2022 as a political agreement between the EU and the U.S., and then bolstered by President Biden’s Executive Order (“EO”) in October 2022, opens the door for an EU-U.S. data transfer…

Companies around the world have to comply with the Virginia Consumer Data Protection Act (VCDPA) with respect to personal data of consumers in Virginia. With the VCDPA, Virginia follows the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (CCPA) but excludes employee and business representative data from its scope. Businesses that have implemented measures to comply with the CCPA can leverage some of their existing vendor contract terms, website…

In this episode, Brian Hengesbaugh, Chair of Global Privacy and Security, is joined by Rachel Ehlers, Privacy and Cybersecurity partner based in Texas, as they discuss the heightened focus on biometrics and key data privacy issues surrounding this prevalent technology. Listen in to hear about: an overview of the key laws that govern biometric dataenforcement and litigation trends in this spaceconsiderations for in-house attorneys with regard to biometrics in the context of their privacy and…

Businesses that have implemented measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (“CCPA”) can leverage some of their existing vendor contract terms, website disclosures and data subject rights response processes to satisfy requirements under the Colorado Privacy Act (“CPA”). However, the CPA, and the recently published proposed CPA Rules, (located here), contain certain unique and prescriptive requirements that may warrant taking a…

This week, the California Privacy Protection Agency (“CPPA”) released modified proposed regulations (“Modified Regulations”) for compliance with the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”), and an explanation of the proposed changes, ahead of its upcoming Board Meetings. It is expected that the CPPA will discuss, and possibly adopt or modify further, the Modified Regulations during the CPPA Board Meetings which are scheduled for October 21-22 and October 28-29, 2022.…

In brief The draft of the Indonesian Personal Data Protection Law (“PDP Law”) was approved to become law by the Indonesian Parliament (Dewan Perwakilan Rakyat Republik Indonesia) on 20 September 2022. With this approval, we are nearing the end of the process of an ambitious piece of legislation, which took several years to get approval. For several years, Indonesia has only relied on various diverse regulations that contain privacy provisions without one comprehensive umbrella law on…

Businesses that have implemented compliance measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (“CCPA”) can leverage existing compliance mechanisms designed to comply with the CCPA to satisfy requirements under the Utah Consumer Privacy Act (“UCPA”), which will become operative on December 31, 2023. Most companies will not need to expand the scope of their CCPA-focused privacy notices to cover Utah residents exactly…