LawSites

DECEMBER 1, 2021

Sixty percent of general counsel are concerned that their risk landscape is expanding or becoming more difficult to navigate in areas spanning compliance, regulatory enforcement, data privacy, information security, emerging data sources and ongoing impacts of the pandemic.

e-discovery 52

e-discovery Compliance e-filing Data protection 52

Debevoise Data Blog

SEPTEMBER 21, 2022

The SCCs and IDTA will be the transfer tool of choice for most companies sending or receiving data from the EEA or UK. Businesses may want to consider carefully what existing agreements need updating and how they will update their data protection compliance procedures to ensure all new agreements use the correct clauses.

Data protection 52

Data protection Compliance Court 52

Legal IT Group

JANUARY 22, 2024

With this regard, it is essential to know about the privacy legislation of this country since, nowadays, most internet businesses process the personal data of their clients, and they should do it in compliance with data protection laws. So, what “agreed in principle” proposals are worth paying attention to?

Data protection 52

Data protection Compliance Litigator Litigation 52

Legal IT Group

NOVEMBER 10, 2023

First of all, the data can be transferred based on the adequacy decision or subject to appropriate safeguards. Among these safeguards, in particular, are binding corporate rules, standard data protection clauses, code of conduct, and certification mechanism. Then, in 2022, the UK also adopted new SCCs.

Data protection 52

Data protection Compliance Law Law 52

Legal IT Group

JULY 5, 2023

The role of codes of conduct in protecting personal data and what you need to know about compliance (and the consequences of deciding to comply but not doing so). The data protection issues in each situation with video technologies may differ, as well as the legal analysis when using a particular technology.

Data protection 52

Data protection Compliance Court Software 52

Debevoise Data Blog

DECEMBER 16, 2021

The Virginia Consumer Data Protection Act (“VCDPA”) and amendments to the California Consumer Privacy Act (“CCPA”)—enshrined in the California Privacy Rights Act (“CPRA”)—take effect on January 1, 2023. Assess the Need to Complete Data Protection Impact Assessments.

Data protection 40

Data protection Compliance Law Law 40

Debevoise Data Blog

NOVEMBER 29, 2023

Member States will be required to designate AI oversight authorities to ensure compliance with the new regulations. While some countries have indicated that they intend to allocate responsibility to their existing data protection authorities, others (such as Spain ) will create specific AI-focused agencies.

Compliance 52

Compliance Data protection e-records Law 52

Inside Privacy

MAY 23, 2023

After MEPs formalize their position through a plenary vote (expected this summer), the AI Act will enter the last stage of the legislative process: “trilogue” negotiations with the European Commission, Parliament and the Council, which adopted its own amendments in late 2022 (see our blog post here for further details).

Data protection 57

Data protection Compliance Law Law 57

Debevoise Data Blog

SEPTEMBER 19, 2022

On September 15, 2022, California Governor Gavin Newsom signed into law the bipartisan AB 2273 , known as the California Age-Appropriate Design Code Act (“California Design Code”). Notable affirmative obligations include: Data Protection Impact Assessments (“DPIAs”).

Data protection 52

Data protection Compliance Time-tracking Attorney 52

Inside Privacy

FEBRUARY 24, 2023

The Measures will take effect on June 1, 2023, but are subject to a 6-month grace period to allow companies time to bring their activities into compliance. The finalization of the Measures marks another important step forward in the establishment of China’s cross-border data transfer framework.

Compliance 52

Compliance Data protection Time-tracking Law 52

Legal Tech Blog

DECEMBER 8, 2022

While these are necessary to help reduce complacency towards internal data protection compliance and ensure organisations actively work to reduce their exposure, it isn’t always easy for companies to align. But how exactly can organisations bolster their data management processes?

e-discovery 52

e-discovery Compliance Machine learning Due diligence 52

Law Technology Today

AUGUST 15, 2023

By Oliver Patterson , director of product management, VIPRE Security Group Law firms are entrusted with handling vast amounts of highly-sensitive information, ranging from financial data and medical records to insurance claims and personal client details. lost/stolen computer or smartphone, hacker, break-in, website exploit)?

Law 57

Law Law Law firm Compliance 57

Debevoise Data Blog

OCTOBER 27, 2022

On 24 October 2022, the UK Information Commissioner’s Office (“ICO”) fined Interserve Group Limited £4.4 million for failing to implement appropriate technical and organisational measures to safeguard 113,000 individuals’ personal data in company HR databases.

Software 52

Software Compliance Data protection Time-tracking 52

Debevoise Data Blog

SEPTEMBER 14, 2022

On August 24, 2022, the California Attorney General announced updates to its California Consumer Privacy Act’s (“CCPA”) enforcement case examples. Other operational hints: The enforcement examples also shed light on what remedial measures the California Attorney General believes sufficiently cure alleged defects.

Analytics 52

Analytics Compliance Failure-to-appear Attorney 52

Debevoise Data Blog

FEBRUARY 6, 2023

Companies subject to ColoPA should review their practices to ensure compliance before ColoPA’s July 1, 2023 effective date. Rulemaking Timeline and Hearing The COAG has issued three iterations of its proposed rules on October 10, 2022, December 21, 2022, and January 27, 2023. Dark Patterns Forbidden.

Hearing 52

Hearing Data protection Law Law 52

Ikigai Law

AUGUST 7, 2023

Reporting entities must follow several compliance and reporting obligations under the anti-money laundering law. Main Course : Deep dive stories on card network portability, and impact of the data protection bill on fintechs. The data law is nearly here! The data law doesn’t tell processors what to do.

Data protection 52

Data protection Law Law e-records 52

Debevoise Data Blog

APRIL 29, 2022

On March 24, 2022, Utah enacted a comprehensive consumer privacy law, the Utah Consumer Privacy Act (“UCPA”). No Requirement to Conduct Risk Assessments or Data Protection Impact Assessments Under the UCPA, businesses are not required to conduct risk assessments related to their processing or control of personal data.

Law 52

Law Law Data protection Attorney 52

Debevoise Data Blog

MAY 23, 2022

Connecticut’s Governor signed the state’s comprehensive privacy law into effect on May 10, 2022, adding yet another category of state privacy law. state privacy laws in California, Virginia, Colorado, and Utah to draft “An Act Concerning Protection of Consumer Data Privacy and Online Monitoring” (the “Connecticut Privacy Act” or “CTPA”).

Law 40

Law Law Compliance Attorney 40

Debevoise Data Blog

MAY 31, 2023

A single incident—even a relatively minor one—may require notification to dozens of data protection, cyber, law enforcement, and sectoral regulators around the world, in addition to insurers, customers, and counterparties. To make matters worse, businesses cannot simply hire their way out of this morass.

e-filing 52

e-filing Data protection Compliance Law 52

Ikigai Law

FEBRUARY 9, 2023

Catch up quick : Released in December 2022, the proposal seeks to establish a central framework to protect users from risks like addiction and financial loss. The need for a graded approach for compliances was also discussed. Would a spin the wheel contest on an e-commerce platform be covered?

Due diligence 52

Due diligence Data protection Hearing Compliance 52

AXDRAFT

JANUARY 20, 2023

In March 2022, Hubspot reported a breach where malicious individuals accessed client data via an employee’s compromised account. During 2021–2022 , there was a surge in the use of SaaS applications, but it also led to an outbreak of cybercrime and stolen data: 81% of organizations experienced a breach of sensitive data.

Time-tracking 52

Time-tracking Contract management Software Analytics 52

Inside Privacy

MARCH 14, 2023

Following a report, the French supervisory authority (“CNIL”) audited two organizations carrying out medical research in early 2022 to check their compliance with these requirements. Despite being found in breach of the French data protection rules, none of the audited organizations were fined.

Data protection 65

Data protection Compliance 65

Debevoise Data Blog

OCTOBER 18, 2021

Baltimore’s ordinance sunsets on December 31, 2022, unless the City Council finds that the prohibitions remain in the public interest, in which case the ordinance may be extended for five more years. c) Texas Texas’s biometric privacy law also imposes similar requirements to BIPA, but allows more avenues for compliance.

Law 52

Law Law Court Time-tracking 52

Debevoise Data Blog

FEBRUARY 20, 2023

On 29 December 2022, the CNIL fined TikTok UK and Ireland as joint controllers €5 million for failing to: offer users the ability to refuse cookies as easily as accepting them (several clicks were required to refuse all cookies, as opposed to just one to accept them); and inform users in a sufficiently precise manner about cookie purposes.

Data protection 52

Data protection Compliance e-records Court 52

Ikigai Law

AUGUST 3, 2023

Our summary of the Digital Personal Data Protection Bill, 2023 The Digital Personal Data Protection Bill, 2023 ( 2023 Bill ) was tabled in Parliament on 3 August 2023. It is the fifth – and likely final – iteration of India’s efforts to formulate a personal data protection law.

Data protection 52

Data protection Compliance e-filing Hearing 52

Debevoise Data Blog

APRIL 28, 2023

UK ICO updates guidance to clarify requirements for fairness in AI What happened : The UK ICO has updated its existing Guidance on AI and data protection following requests from industry to clarify requirements for fairness in AI. Norwegian Data Protection Authority fines medical device company c.$240,000

Data protection 52

Data protection Compliance e-filing Software 52

Legal IT Group

JANUARY 30, 2023

This is the amount of a fine paid by a well-known company for violating the rules of the European General Data Protection Regulation (the GDPR). In this article, you will learn about the top 7 largest fines of 2022 and the personal data practices that should be avoided in your business. And 405,000,000 EUR?

Compliance 52

Compliance Data protection Analytics Law 52

Inside Privacy

APRIL 28, 2023

On 29 March 2023, the UK Information Commissioner’s Office (“ICO”) published updated Guidance on AI and data protection (the “Guidance”) following “requests from UK industry to clarify requirements for fairness in AI”. Additionally, the ICO have added a new annex on data protection fairness considerations across the AI lifecycle.

Data protection 74

Data protection Compliance Law Law 74

3 Geeks and a Law Blog

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. One out of every 40 of those attacks targeted a law firm or insurance carrier, and more than a quarter of law firms and a 2022.

Law firm 189

Law firm Time-tracking Due diligence Attorney 189

Debevoise Data Blog

SEPTEMBER 23, 2024

Our top-five European data protection developments from August are: Uber fined for personal data transfer: The Dutch Data Protection Authority fined Uber €290 million for the unlawful transfer of European drivers’ personal data to the U.S., without sufficient safeguards. ICO proposes £6.09

Data protection 52

Data protection Court Software Compliance 52

3 Geeks and a Law Blog

JANUARY 23, 2023

FINRA is 2023 report on its examination and risk monitoring program highlights the growing risks posed by cybercrime fraud and other bad actors and urges firms to strengthen their internal compliance and reporting structures to combat these threats.

Hearing 130

Hearing Time-tracking Judge e-filing 130

Debevoise Data Blog

JANUARY 17, 2025

Our top-eleven European data protection developments for the end of 2024 are: EU Cyber Resilience Act: The Council of the European Union approved the Cyber Resilience Act , introducing cybersecurity requirements for digital products sold in the EU.

Data protection 52

Data protection Compliance Court State law 52

Law Technology Today

APRIL 11, 2023

The Prevalence of Identity Theft Identity theft is a growing concern for global businesses, and the statistics for 2022 are alarming. According to the 2022 Identity Theft Resource Center’s Data Breach Report , there were 1,802 data compromises in the United States. Even small businesses are not spared.

Data protection 80

Data protection Failure-to-appear Software Lawsuit 80

Debevoise Data Blog

DECEMBER 1, 2021

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to the laws and regulations that govern how companies collect, use, store and transfer the personal information of their consumers and employees.

Law 52

Law Law Data protection Litigator 52

new tech law blog

DECEMBER 2, 2022

Entities transferring personal data outside the European Economic Area on the basis of standard contractual clauses that are no longer in force (where the transfer began before 27 September 2021) should conclude agreements based on new clauses by 27 December 2022.

Data protection 52

Data protection Compliance Court 52

Clio

JANUARY 30, 2024

Check out our blog post on understanding HIPAA compliance for more information. GDPR : To help address global needs for enhanced data security, in 2018, Europe introduced a unified data protection law, the General Data Protection Regulations (GDPR). Are they compliant?

Law firm 98

Law firm Law Law Due diligence 98

Debevoise Data Blog

NOVEMBER 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. This blog post explores some of the borrowed GDPR concepts and suggests resources companies might use as they develop their compliance programs.

Data protection 52

Data protection Law Law Compliance 52