Compliance, Data protection and Definition

Data Protection in the Workplace: Employer Guidance

Legal IT Group

SEPTEMBER 19, 2023

For example, in 2020, the Data Protection Authority of Hamburg imposed a 35.3 This fact became known when the H&M servers encountered a technical error, and the data on the network drive became accessible to all employees for a few hours. Read more about employer monitoring and data protection in our previous article.

Data protection

Data protection Compliance e-records Law

Overhaul of the Australian Privacy Act

Legal IT Group

JANUARY 22, 2024

With this regard, it is essential to know about the privacy legislation of this country since, nowadays, most internet businesses process the personal data of their clients, and they should do it in compliance with data protection laws. The “personal information” definition is amended. What to do now?

Data protection

Data protection Compliance Litigator Litigation

How to handle security incidents/data breaches under the LGPD

Legal IT Group

FEBRUARY 23, 2023

Introduction In our previous articles , we have already drawn your attention to the Brazilian data protection legislation which is quite similar to the General Data Protection Regulation (GDPR). Also, the company’s representative or the data protection officer may send this report on behalf of the data controller.

Data protection

Data protection Compliance e-filing Law

Webinars

The New Way of Conducting Patent Research: Proven Strategies For Efficient Due Diligence

AI for Paralegals: Everything You Need to Know (and How to Use It Safely)

The Tech-Savvy Paralegals Playbook: How To Leverage AI

Uncovering The Hidden Connections: A Patent Family Survival Guide

MORE WEBINARS

“Dark patterns” targeted by EU institutions

new tech law blog

MARCH 10, 2023

“Dark patterns” used by online platform providers have been controversial for some time, but recently there has been a growing buzz about them, in particular due to actions undertaken by EU and national data protection and consumer protection authorities. What are “dark patterns”?

Data protection

Data protection Compliance Law Law

Virginia Enacts a Comprehensive Privacy Law – Similarities and Differences Among VCDPA, CCPA and GDPR

Debevoise Data Blog

MARCH 4, 2021

state with a comprehensive privacy law, with Governor Ralph Northam’s signing of the Virginia Consumer Data Protection Act (“VCDPA”) on March 2, 2021. law in the direction of its overseas cousin, the European Union’s General Data Protection Regulation (“GDPR”). What data is covered by VCDPA? It also pulls U.S.

Data protection

Data protection Law Law Compliance

Comments on the Ruling Declaring California’s Age-Appropriate Design Code (AADC) Unconstitutional–NetChoice v. Bonta

Eric Goldman

OCTOBER 16, 2023

If you really care about the kids, shouldn’t the protections be ubiquitous? Because the AADC adopts the same definition of “business” as the CCPA/CPRA, this ruling highlights that any speech restrictions in those laws remain vulnerable to a constitutional attack. Means-Fit The law falls apart on the means-fit analysis.

Court

Court Failure-to-appear Data protection Judge

California’s Age-Appropriate Design Code Act Expands Businesses’ Privacy Obligations Regarding Minors

Debevoise Data Blog

SEPTEMBER 19, 2022

The California Design Code’s business obligations take effect on July 1, 2024, though certain businesses must complete Data Protection Impact Assessments “on or before” that date. Notable affirmative obligations include: Data Protection Impact Assessments (“DPIAs”). Definition of “Child” Under age 18. Under age 18.

Data protection

Data protection Compliance Time-tracking Attorney

Top 10 Reasons to Streamline Your Business with ALOE

Bigfork Tech

JUNE 25, 2024

From contract creation to signature and beyond, this integration streamlines operations, eliminates paperwork, and minimizes errors, thereby ensuring compliance with legal standards. DocuSign Integration : Facilitating a smooth contract management process, ALOE integrates seamlessly with DocuSign. Why Choose ALOE?

Contract management

Contract management Time-tracking Software Data protection

The Arrival of 2023 U.S. State Privacy Laws – Part 2: Colorado Update

Debevoise Data Blog

FEBRUARY 6, 2023

Companies subject to ColoPA should review their practices to ensure compliance before ColoPA’s July 1, 2023 effective date. Under ColoPA, “publicly available” information is excluded from its definition of personal data. Additionally, consumers must be able to withdraw consent at any given time. Dark Patterns Forbidden.

Hearing

Hearing Data protection Law Law

CCPA Enforcement Actions Take Aim at Sales of Personal Information

Debevoise Data Blog

SEPTEMBER 14, 2022

A large number of the examples focused on compliance with the CCPA’s requirements for “sales” of personal information, including the obligation that businesses honor consumers’ use of a Global Privacy Control (“GPC”) opt-out signals.

Analytics

Analytics Compliance Failure-to-appear Attorney

You Can’t Have Legal GRC Optimisation Without Data Management Improvement?

Legal Tech Blog

DECEMBER 8, 2022

While these are necessary to help reduce complacency towards internal data protection compliance and ensure organisations actively work to reduce their exposure, it isn’t always easy for companies to align. But how exactly can organisations bolster their data management processes?

e-discovery

e-discovery Compliance Machine learning Due diligence

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

In prior posts, we have written about the evolving state privacy law landscape, including how to prepare for state privacy laws coming into effect in 2023 here ; various aspects of the CCPA and CPRA, including here and here ; and the Virginia Consumer Data Protection Act (“VCDPA”) here. UCPA § 13-61-103(31)(b)(iii).

Law

Law Law Data protection Attorney

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

This would seem to eliminate not just the possibility of compliance-by-signage but also the possibility of online consent. Massachusetts would also completely ban “monetizing” – a term defined broadly –biometric identifiers as well as geolocation data. Compliance.

Compliance

Compliance Federal law Data protection Machine learning

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Here, we highlight key aspects of the CTPA with a focus on the provisions that companies should consider in their compliance preparations. Like the CCPA/CPRA and ColoPA, the CTPA defines “sale” to include the exchange of data for monetary or other valuable consideration. CTPA § 1(26). CTPA §§ 1(27) & 6(a)(4). CTPA § 1(6).

Law

Law Law Compliance Attorney

Importance of Recurring Payment for Law Firms

MatterSuite

JANUARY 9, 2024

Let’s delve into the various aspects of recurring payments, from their definitions to the advantages they bring to law firms. Topics will include encryption standards, compliance with data protection regulations, and the importance of selecting secure payment gateways.

Law firm

Law firm Law Law Time-tracking

Importance of Recurring Payment for Law Firms

MatterSuite

JANUARY 9, 2024

Let’s delve into the various aspects of recurring payments, from their definitions to the advantages they bring to law firms. Topics will include encryption standards, compliance with data protection regulations, and the importance of selecting secure payment gateways.

Law firm

Law firm Law Law Time-tracking

Tech Ticker Issue 42: January 2023

Ikigai Law

FEBRUARY 9, 2023

The need for a graded approach for compliances was also discussed. Largely, the government is open to comments from stakeholders on the definition of ‘online games’ and other issues. Other bills that might be discussed include the draft Digital Personal Data Protection Bill and the Telecommunication Bill.

Due diligence

Due diligence Data protection Hearing Compliance

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

Illinois’ Biometric Information Privacy Act (“BIPA”) excludes both “digital photographs” and “information derived from” photographs from the definition of “biometric information.” c) Texas Texas’s biometric privacy law also imposes similar requirements to BIPA, but allows more avenues for compliance.

Law

Law Law Court Time-tracking

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. I mentioned employee errors, but also insider threats. You know, they do.

Law firm

Law firm Time-tracking Due diligence Attorney

Summary of the Digital Personal Data Protection Bill, 2023

Ikigai Law

AUGUST 3, 2023

Our summary of the Digital Personal Data Protection Bill, 2023 The Digital Personal Data Protection Bill, 2023 ( 2023 Bill ) was tabled in Parliament on 3 August 2023. It is the fifth – and likely final – iteration of India’s efforts to formulate a personal data protection law.

Data protection

Data protection Compliance e-filing Hearing

“Bossware” under labour and data protection law

new tech law blog

JANUARY 2, 2023

In this regard, we describe below what they should take under consideration in light of Polish labour law and data protection law. Therefore, implementation and exploitation of such solutions by the employer (as a controller of employee data) must be done in compliance with the rules for processing of personal data under Art.

Data protection

Data protection Law Law Time-tracking

What the GDPR Can Tell Us About State Privacy Laws

Debevoise Data Blog

NOVEMBER 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. This blog post explores some of the borrowed GDPR concepts and suggests resources companies might use as they develop their compliance programs.

Data protection

Data protection Law Law Compliance

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Clio

JANUARY 30, 2024

Check out our blog post on understanding HIPAA compliance for more information. GDPR : To help address global needs for enhanced data security, in 2018, Europe introduced a unified data protection law, the General Data Protection Regulations (GDPR). Are they compliant?

Law firm

Law firm Law Law Due diligence

A “light touch” approach to AI regulation in the UK

Technology Law Dispatch

APRIL 18, 2023

Safety, security and robustness – regulators may need to consider technical standards, for example addressing testing and data quality. Accountability and governance – regulators will need to determine who is accountable for compliance with existing regulation and the principles, and provide guidance on how to demonstrate accountability.

Data protection

Data protection Compliance

Protection of personal data in Brazil: differences in the scope of the LGPD and the new penal practice

Legal IT Group

SEPTEMBER 29, 2023

Brazil’s Lei Geral de Proteção de Dados Pessoais (or LGPD), similar to GDPR, CCPA and PIPEDA, regulates personal data protection. If the company does not process personal data in Brazil but still processes data to offer or supply goods or services to Brazil, the LGPD also applies in this case. Apparently not.

Data protection

Data protection Compliance Court Law

European Data Protection Roundup – October 2023

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection

Data protection Compliance Failure-to-appear e-records

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Legal Tech Monitor

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. I mentioned employee errors, but also insider threats. You know, they do.

Law firm

Law firm Time-tracking Due diligence Attorney

European Data Protection Roundup – February

Debevoise Data Blog

MARCH 26, 2023

As multi-jurisdiction data protection concerns expand and opportunities to rely on a lead supervisory authority may narrow , the EDPB is emphasising consistency of decisions between national supervisory authorities through, among other measures, the development of approval procedures that require a cooperation phase and the creation of task forces.

Data protection

Data protection Compliance Court Law

UK Data Protection Bill No.2 – What is changed?

Technology Law Dispatch

MARCH 24, 2023

On 8 March 2023, the UK government presented a new version of the UK Data Protection and Digital Information Bill No.2. As with the previous bill, the new bill aims to alleviate the burden of compliance with the UK GDPR and its implementing UK Data Protection Act (2018) for organisations in the UK.

Data protection

Data protection Failure-to-appear Compliance Software

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Debevoise Data Blog

DECEMBER 1, 2021

Addressing the medical privacy essentials: HIPPA and the new challenges posed by the rise of telemedicine, especially during the Covid-19 pandemic, this chapter closely examines medical privacy and it contains helpful practice notes pertaining to HIPPA’s intricate definitions and requirements. practitioners: European Union, the U.K.,

Law

Law Law Data protection Litigator

European Data Protection Roundup – November 2023

Debevoise Data Blog

DECEMBER 22, 2023

For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space. In particular, the paper recommends the use of internal data access controls, regular auditing of data security measures, and the use of data protection impact assessments.

Data protection

Data protection Time-tracking Compliance Machine learning

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. These changes add rights for consumers, and compliance obligations for businesses, that take the U.S. Businesses would also need to obtain consumer consent prior to collecting any sensitive data.

Data protection

Data protection Compliance Attorney State law

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

state privacy law, including updates to the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”), the Colorado Protect Personal Data Privacy Act (“ColoPA”), the Connecticut Privacy Act (“CTPA”), the Virginia Consumer Data Protection Act (“VCDPA”), and the Utah Consumer Privacy Act (“UCPA”).

State law

State law Federal law Compliance Data protection

UK Government Adopts a “Pro-Innovation” Approach to AI Regulation

Inside Privacy

APRIL 24, 2023

For example, in October 2022, the Bank of England and Financial Conduct Authority (“FCA”) jointly released a Discussion Paper on Artificial Intelligence and Machine Learning considering how AI in financial services should be regulated and, in March 2023, the ICO updated its Guidance on AI and Data Protection.

Intellectual Property

Intellectual Property Data protection Machine learning Compliance

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

Debevoise Data Blog

OCTOBER 31, 2023

Seven Takeaways from the Response Paper The definition of AI is a key gating question. The definition of “artificial intelligence” has been a contentious point in multiple AI legislative processes – including the draft EU AI Act – and it appears that the UK Financial Authorities could face similar challenges.

Compliance

Compliance Due diligence Machine learning Data protection

“Reject All” button in cookie consent banners – An update from the UK and the EU

Technology Law Dispatch

NOVEMBER 8, 2023

There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required. This is more likely be compliant with data protection law, as firms will be better placed to demonstrate that the user has a genuine free choice.“

Data protection

Data protection Compliance Court Law

Key Points Regarding the DPC Decision Against Meta

Inside Privacy

JUNE 1, 2023

It has been well-publicized that the Irish Data Protection Commission (“DPC”) has imposed a record €1.2 billion fine and corrective measures under the GDPR against Meta Ireland (“Meta”) in a long-running dispute relating to cross-border data transfers and the EU standard contractual clauses (“SCCs”).

Data protection

Data protection Court Compliance Hearing

Overview of Global AI Regulatory Developments and Some Tips to Reduce Risk

Debevoise Data Blog

MAY 2, 2023

While the latest draft EU AI Act is not yet publicly available, early reports indicate it will feature new rules concerning compliance obligations specific to generative AI and foundation models, including several unique components such as required disclosures of copyrighted works included in the models’ training data.

Compliance

Compliance Time-tracking Data protection Law

The EU AI Act: Political Agreement Secured, We Await the Final Text

Debevoise Data Blog

DECEMBER 17, 2023

No other final definitions have been confirmed or released at this time. Systems which fall into this final category will not be subject to new restrictions or obligations under the EU AI Act, though obligations under other, existing laws may still apply (such as discrimination and data protection laws). How to prepare.

Data protection

Data protection Compliance Time-tracking Law

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Berkley Technology Law Journal

NOVEMBER 18, 2022

So all the cases in which we saw difficulties in the last years are sort of now part of this core platform, service definition. Also, according to the DMA, if there is a systematic non-compliance, other sanctions could be that you’re not allowed to buy new companies, ban on acquisition, or there are a lot of different possible fines.

Law

Law Law Data protection Court

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Berkley Technology Law Journal

NOVEMBER 18, 2022

So all the cases in which we saw difficulties in the last years are sort of now part of this core platform, service definition. Also, according to the DMA, if there is a systematic non-compliance, other sanctions could be that you’re not allowed to buy new companies, ban on acquisition, or there are a lot of different possible fines.

Law

Law Law Data protection Court

Data Protection in the Workplace: Employer Guidance

Overhaul of the Australian Privacy Act

Webinars

Trending Sources

How to handle security incidents/data breaches under the LGPD

Webinars

“Dark patterns” targeted by EU institutions

Virginia Enacts a Comprehensive Privacy Law – Similarities and Differences Among VCDPA, CCPA and GDPR

Comments on the Ruling Declaring California’s Age-Appropriate Design Code (AADC) Unconstitutional–NetChoice v. Bonta

California’s Age-Appropriate Design Code Act Expands Businesses’ Privacy Obligations Regarding Minors

Top 10 Reasons to Streamline Your Business with ALOE

The Arrival of 2023 U.S. State Privacy Laws – Part 2: Colorado Update

CCPA Enforcement Actions Take Aim at Sales of Personal Information

You Can’t Have Legal GRC Optimisation Without Data Management Improvement?

Utah Joins the Comprehensive State Privacy Law Club

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Connecticut’s Next Generation Data Privacy Law

Importance of Recurring Payment for Law Firms

Importance of Recurring Payment for Law Firms

Tech Ticker Issue 42: January 2023

Face Forward: Strategies for Complying with Facial Recognition Laws

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Summary of the Digital Personal Data Protection Bill, 2023

“Bossware” under labour and data protection law

What the GDPR Can Tell Us About State Privacy Laws

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

A “light touch” approach to AI regulation in the UK

Protection of personal data in Brazil: differences in the scope of the LGPD and the new penal practice

European Data Protection Roundup – October 2023

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

European Data Protection Roundup – February

UK Data Protection Bill No.2 – What is changed?

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

European Data Protection Roundup – November 2023

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

What the ADPPA Means for U.S. Data Regulation

UK Government Adopts a “Pro-Innovation” Approach to AI Regulation

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

“Reject All” button in cookie consent banners – An update from the UK and the EU

Key Points Regarding the DPC Decision Against Meta

Overview of Global AI Regulatory Developments and Some Tips to Reduce Risk

The EU AI Act: Political Agreement Secured, We Await the Final Text

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Stay Connected