Debevoise Data Blog

DECEMBER 16, 2021

The Virginia Consumer Data Protection Act (“VCDPA”) and amendments to the California Consumer Privacy Act (“CCPA”)—enshrined in the California Privacy Rights Act (“CPRA”)—take effect on January 1, 2023. These developments have companies understandably concerned about complying with a patchwork of state laws.

Data protection 40

Data protection Compliance Law Law 40

Debevoise Data Blog

APRIL 29, 2022

On March 24, 2022, Utah enacted a comprehensive consumer privacy law, the Utah Consumer Privacy Act (“UCPA”). The UCPA, effective on December 31, 2023, is largely consistent with other comprehensive state privacy laws, but includes several key differences.

Law 52

Law Law Data protection Attorney 52

Debevoise Data Blog

MAY 23, 2022

Connecticut’s Governor signed the state’s comprehensive privacy law into effect on May 10, 2022, adding yet another category of state privacy law. These situations include processing for targeted advertising, sale, and certain profiling activities, as well as processing sensitive data.

Law 40

Law Law Compliance Attorney 40

Debevoise Data Blog

OCTOBER 18, 2021

The ban also exempts the Maryland Image Repository System, which allows law enforcement to compare images against a database drawn from motor vehicle records and mugshots. The law contains two main requirements. The TDPA provides for a private right of action for violation of the prohibition to sell, lease, or disclose data.

Law 52

Law Law Court Time-tracking 52

3 Geeks and a Law Blog

JULY 11, 2023

Generally however, it’s hard for global law firms right that sometimes have to compete with conflicting regimes. One out of every 40 of those attacks targeted a law firm or insurance carrier, and more than a quarter of law firms and a 2022. Not all, I believe only one or two state laws in the US require it.

Law firm 189

Law firm Time-tracking Due diligence Attorney 189

Debevoise Data Blog

JANUARY 17, 2025

Our top-eleven European data protection developments for the end of 2024 are: EU Cyber Resilience Act: The Council of the European Union approved the Cyber Resilience Act , introducing cybersecurity requirements for digital products sold in the EU. The UK Upper Tribunal did not consider the provisions under the UK GDPR.

Data protection 52

Data protection Compliance Court State law 52

Debevoise Data Blog

DECEMBER 1, 2021

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to the laws and regulations that govern how companies collect, use, store and transfer the personal information of their consumers and employees.

Law 52

Law Law Data protection Litigator 52