The Texas Attorney General has emerged as a significant regulatory enforcement authority for data privacy in the US. Traditionally, data privacy enforcement in the US has emanated from the Federal Trade Commission and other...more
2/4/2025
/ Compliance ,
Consent ,
Consumer Privacy Rights ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Personal Data ,
Popular ,
Privacy Laws ,
Privacy Notice Rule ,
State Privacy Laws
The momentum for change in US state privacy laws accelerated in 2024, driven by several significant developments, including efforts for a federal privacy law, state-level enforcement actions and the activation of four new...more
1/22/2025
/ Business Entities ,
Compliance ,
Consumer Privacy Rights ,
Corporate Counsel ,
Corporate Governance ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
State and Local Government ,
State Privacy Laws
The California Attorney General's (the "Cal AG") office appears to be moving forward with enforcement activities, despite a recent court ruling delaying enforcement of CPRA regulations. In the past month, since the amendments...more
8/16/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Employees ,
Employer Liability Issues ,
Employment Policies ,
Enforcement Actions ,
Hiring & Firing ,
Mobile Apps ,
New Regulations ,
Personal Information ,
Privacy Laws ,
Regulatory Agenda ,
State Privacy Laws
California employers' reprieve from obligations to employees to disclose data privacy practices and provide access rights to employees appears to be coming to an end as the California Privacy Rights Act (CPRA) becomes...more
10/12/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Confidential Communications ,
Data Collection ,
Data Privacy ,
Disclosure Requirements ,
Notice Requirements ,
Opt-Outs ,
Personal Information ,
Policies and Procedures ,
Privacy Laws
As state and federal legislatures across the United States continue to contemplate comprehensive data protection legislation, two pending laws—the California Privacy Rights Act (CPRA) and the Virginia Consumer Data Protection...more
As companies across industries continue to take advantage of existing and emerging technologies that involve the collection and use of human biometric identifiers, corporate privacy programs must take into account the unique...more
11/9/2020
/ Article III ,
Artificial Intelligence ,
Big Tech ,
Biometric Information ,
Biometric Information Privacy Act ,
Compliance ,
Cybersecurity ,
Data Collection ,
Data Retention ,
Emerging Technologies ,
IL Supreme Court ,
Innovative Technology ,
Popular ,
Regulatory Oversight ,
Robotics ,
Standing ,
State Data Breach Notification Statutes
On October 1, 2020, the US Department of the Treasury's Office of Foreign Assets Control ("OFAC") issued an advisory opinion on the sanctions risks associated with certain cyberattacks ("OFAC Guidance"). The OFAC Guidance...more
10/12/2020
/ Compliance ,
Cyber Attacks ,
Cybersecurity ,
Economic Sanctions ,
New Guidance ,
Office of Foreign Assets Control (OFAC) ,
Ransomware ,
Risk Assessment ,
Risk Management ,
Sanction Violations ,
SDN List ,
U.S. Treasury
On August 14, 2020, California’s Office of Administrative Law (“OAL”) approved the final version of the implementing regulations for the California Consumer Privacy Act (“Final Regulations”). The approval of these final...more
8/18/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Consumer Requests ,
Corporate Counsel ,
Data Security ,
Enforcement Actions ,
New Regulations ,
Notice and Comment ,
Notice Requirements ,
Personal Information ,
Privacy Policy ,
Recordkeeping Requirements ,
State Attorneys General ,
Verification Requirements
Irrespective of your industry, the current COVID-19 pandemic poses a new and unique challenge to organizations, their employees, and their customers. The emergence of COVID-19 has prompted organizations to collect and process...more
4/15/2020
/ Business Associates ,
California Consumer Privacy Act (CCPA) ,
Centers for Disease Control and Prevention (CDC) ,
Compliance ,
COPPA ,
Coronavirus/COVID-19 ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Employee Privacy Rights ,
Federal Trade Commission (FTC) ,
FERPA ,
Financial Industry Regulatory Authority (FINRA) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
NYDFS ,
OCR ,
Patient Privacy Rights ,
Telehealth
The CCPA took effect on 1 January 2020, introducing significant compliance burdens for most businesses that collect personal information about California residents. The reach of the CCPA extends beyond California and the US;...more
2/1/2020
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Protection Laws ,
Consumer Rights Directive ,
Corporate Liability ,
Data Collection ,
Data Sellers ,
Data Subjects Rights ,
EU ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
Multinationals ,
Personal Data ,
Personal Information ,
Risk Assessment ,
UK ,
UK Data Protection Act
Your business complies with the General Data Protection Regulation ("GDPR") and/or Turkish Personal Data Protection Law numbered 6698 and its secondary legislation ("PDPL"); but does it comply with the California Consumer...more
1/8/2020
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Protection Laws ,
Covered Entities ,
Cross-Border Transactions ,
Data Buyers ,
Data Collection ,
Data Processors ,
Data Sellers ,
Disclosure Requirements ,
E-Commerce ,
Electronic Payment Transactions ,
General Data Protection Regulation (GDPR) ,
Internet Streaming ,
Online Gaming ,
Opt-Outs ,
Personal Information ,
Portability ,
Privacy Laws ,
Right of Access ,
Right to Be Forgotten ,
Risk Assessment ,
Risk Mitigation ,
Transparency ,
Turkey ,
Turkish Personal Data Protection Law (PDPL)
White & Case Technology Newsflash With only 100 days left in 2019 as of the date of this publication, the California Consumer Privacy Act (CCPA) will be here before you know it. As we have described previously, the CCPA...more
9/24/2019
/ Amended Rules ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Protection Laws ,
Corporate Counsel ,
Data Collection ,
Data Sellers ,
Data-Sharing ,
Employee Training ,
Personal Information ,
Privacy Policy ,
Proposed Amendments ,
Transparency
As businesses continue to digitise their assets and operations, the need to continually assess IT infrastructure and the technical measures in place to safeguard key information assets and data becomes ever more important....more
5/3/2019
/ Artificial Intelligence ,
Compliance ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Security ,
Digital Service Providers ,
Encryption ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Internal Data Controls ,
IT-Departments ,
NCSC ,
NIS Regulations ,
Operators of Essential Services ,
Passwords ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Risk Mitigation ,
Sanctions ,
Security Audits ,
Security Risk Assessments ,
Software ,
UK ,
UK ICO