On February 28, 2023, the European Data Protection Board (“EDPB”) issued its opinion on the draft adequacy decision of the European Commission (the “Commission”) on the new EU-US Data Privacy Framework (“DPF”). The EDPB expressed reservations in connection with the DPF, which will now undergo scrutiny by other European institutions.
Who Should Read This Legal
The Biden administration released its National Cybersecurity Strategy (“Strategy”) on March 2, 2023.1 The Strategy builds on previous policy actions by the Biden administration that sought to strengthen cybersecurity in critical infrastructure and protect personal data, including through regulatory action, government procurement requirements, and an emphasis on software security. The Strategy calls for (1)
On 13 December 2022, the European Commission published its draft adequacy decision for EU-U.S. data transfers. The draft decision follows the EU-U.S. announcement of an agreement on a new EU-U.S. Data Privacy Framework (“DPF”) in March 2022 as well as the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (“Executive Order”) signed
With the cybersecurity landscape evolving ever more rapidly, and the threats to businesses’ critical information and assets—as well as to their bottom lines—are only increasing. Breaches continue to grow in scale and sophistication, regulators are crowding the field with an expanding and shifting array of requirements and de facto standards, and litigation remains perilous. Now,
The California Privacy Rights Act (CPRA) will go into effect on January 1, 2023, even though the draft regulations remain unsettled, leaving companies questioning their ability to comply. In this talk with Jennifer Barrera of CalChamber, we’ll discuss some of the outstanding issues that will have impacts in the state, across the country, and, indeed,
As cybersecurity and privacy risks mount, financial services companies face new concerns about compliance and enforcement as well as the risk of business interruption and costly litigation. In this Cybersecurity Awareness Month program, our lawyers will discuss the recent regulatory developments from the New York Department of Financial Services (NYDFS) that are presenting real-world challenges
On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities,1 which is intended to implement U.S. commitments under the Trans-Atlantic Data Privacy Framework (DPF) announced in March 2022. With the new executive order, the Biden administration aims to strengthen the legal foundation for trans-Atlantic
On September 8, 2022, the Federal Trade Commission (FTC) held a virtual public forum on the agency’s release last month of an Advance Notice of Proposed Rulemaking (ANPR) to regulate the protection of consumers’ privacy and data security, which we covered in a prior Legal Update. In addition to allowing the public the opportunity
Online businesses that sell to California residents should take note of a recent enforcement action by the state’s attorney general (AG) signaling that adequate notice of sale must be provided in a business’s privacy policy, California residents’ opt-out requests must be honored, and, from the AG’s perspective, the use of third-party cookies for targeted advertising
On August 11, 2022, the Federal Trade Commission (FTC) voted 3-2 on partisan lines to file an Advance Notice of Proposed Rulemaking (ANPR) that would regulate the protection of consumers’ privacy and data security in a rulemaking titled “Trade Regulation Rule on Commercial Surveillance and Data Security.”
The release of this ANPR—in the midst of