The Bottom Line As a result of Brexit, the UK has introduced its own new documents to govern certain cross-border transfers of personal data.Businesses need to be aware of the similarities and differences between the EU and UK approaches. After Brexit took effect last year, the United Continue Reading
EU Regulators Rule Ad Tech Industry’s TCF Framework Violates GDPR
The Bottom Line The EU’s decision has struck at the heart of the ad tech industry’s system designed to ensure compliance with the GDPR when personal data is collected for retargeting. The program behind the scenes when an EU data subject sees a cookie banner may require significant Continue Reading
The Top 5 Privacy Issues to Watch for in 2022
The Bottom Line While every year brings new complexities to privacy law compliance, 2022 is poised to be a very impactful year.With three new U.S. state laws going into effect in 2023 and additional developments in Europe, companies may need to update their privacy programs, policies, and Continue Reading
European Commission Adopts Revisions to Standard Contractual Clauses
The Bottom Line The revised SCCs published by the European Commission will provide businesses with more flexibility to enter data sharing arrangements with controllers and processors outside of the European Economic Area.Businesses should revisit their contractual arrangements and identify any Continue Reading
Virginia Becomes the Second State to Pass a Comprehensive Privacy Law
The Bottom Line While Virginia is now the second state with a comprehensive consumer privacy law, it certainly will not be the last.With CCPA already in effect and the CDPA and CPRA both on the horizon, companies will need to begin planning now to update their privacy programs to ensure Continue Reading
EU-U.S. Data Transfers Post Schrems II
The Bottom Line The Schrems II decision inserted a great deal of uncertainty into data transfers from the EU to the United States. Regulators on both sides of the Atlantic continue to provide guidance, but have not completed negotiations on a new process. Businesses must remain as vigilant and Continue Reading
And the Winner of This Year’s Election Is… the California Privacy Rights Act
The Bottom Line Now that California voters have approved the CPRA, also known as “CCPA 2.0”, businesses should review (or create) their privacy programs to ensure compliance with the CCPA (in its current form, including the recently finalized regulations) as well the new changes that will take Continue Reading
Schrems II: The EU-US Privacy Shield Is a Thing of the Past
The Bottom Line Now that the European Union has invalidated the EU-US Privacy Shield Framework, companies will need to re-examine the methods they use to transfer personal data of EU data subjects from the EU to the U.S. The Standard Contractual Clauses, which survived the court’s ruling for now, Continue Reading
European Commission Marks GDPR’s Second Anniversary with a Review and Possible Updates
The Bottom Line While GDPR was intended to harmonize data protection law throughout the EU and provide consistent controls for processing personal data, the European Commission recognizes that there are areas for improvement. The Commission is currently engaged in issuing new standard contractual Continue Reading
Competing Bipartisan COVID-19 Privacy Bills to Be Introduced
The Bottom Line With pressures mounting to find new ways to fight the coronavirus and responsibly ease social distancing restrictions, the use of mobile and geolocation technologies may be key in this fight. Therefore, both The COVID-19 Consumer Data Protection Act and Continue Reading