Technology Law Dispatch

MARCH 24, 2023

On 8 March 2023, the UK government presented a new version of the UK Data Protection and Digital Information Bill No.2. As with the previous bill, the new bill aims to alleviate the burden of compliance with the UK GDPR and its implementing UK Data Protection Act (2018) for organisations in the UK.

Data protection 52

Data protection Failure-to-appear Compliance Software 52

new tech law blog

JANUARY 2, 2023

In this regard, we describe below what they should take under consideration in light of Polish labour law and data protection law. Therefore, implementation and exploitation of such solutions by the employer (as a controller of employee data) must be done in compliance with the rules for processing of personal data under Art.

Data protection 52

Data protection Law Law Time-tracking 52

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection 52

Data protection Compliance Failure-to-appear e-records 52

Debevoise Data Blog

MARCH 26, 2023

As multi-jurisdiction data protection concerns expand and opportunities to rely on a lead supervisory authority may narrow , the EDPB is emphasising consistency of decisions between national supervisory authorities through, among other measures, the development of approval procedures that require a cooperation phase and the creation of task forces.

Data protection 52

Data protection Compliance Court Law 52

Ikigai Law

AUGUST 3, 2023

Our summary of the Digital Personal Data Protection Bill, 2023 The Digital Personal Data Protection Bill, 2023 ( 2023 Bill ) was tabled in Parliament on 3 August 2023. It is the fifth – and likely final – iteration of India’s efforts to formulate a personal data protection law.

Data protection 52

Data protection Compliance e-filing Hearing 52

Technology Law Dispatch

APRIL 18, 2023

Safety, security and robustness – regulators may need to consider technical standards, for example addressing testing and data quality. Accountability and governance – regulators will need to determine who is accountable for compliance with existing regulation and the principles, and provide guidance on how to demonstrate accountability.

Data protection 59

Data protection Compliance 59

Technology Law Dispatch

NOVEMBER 8, 2023

There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required. This is more likely be compliant with data protection law, as firms will be better placed to demonstrate that the user has a genuine free choice.“

Data protection 59

Data protection Compliance Court Law 59

3 Geeks and a Law Blog

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. I mentioned employee errors, but also insider threats. You know, they do.

Law firm 189

Law firm Time-tracking Due diligence Attorney 189

Debevoise Data Blog

NOVEMBER 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. This blog post explores some of the borrowed GDPR concepts and suggests resources companies might use as they develop their compliance programs.

Data protection 52

Data protection Law Law Compliance 52

new tech law blog

MARCH 10, 2023

“Dark patterns” used by online platform providers have been controversial for some time, but recently there has been a growing buzz about them, in particular due to actions undertaken by EU and national data protection and consumer protection authorities. What are “dark patterns”?

Data protection 52

Data protection Compliance Law Law 52

Inside Privacy

APRIL 24, 2023

For example, in October 2022, the Bank of England and Financial Conduct Authority (“FCA”) jointly released a Discussion Paper on Artificial Intelligence and Machine Learning considering how AI in financial services should be regulated and, in March 2023, the ICO updated its Guidance on AI and Data Protection.

Intellectual Property 69

Intellectual Property Data protection Machine learning Compliance 69

Debevoise Data Blog

OCTOBER 31, 2023

Seven Takeaways from the Response Paper The definition of AI is a key gating question. The definition of “artificial intelligence” has been a contentious point in multiple AI legislative processes – including the draft EU AI Act – and it appears that the UK Financial Authorities could face similar challenges.

Compliance 52

Compliance Due diligence Machine learning Data protection 52

Debevoise Data Blog

MARCH 4, 2021

state with a comprehensive privacy law, with Governor Ralph Northam’s signing of the Virginia Consumer Data Protection Act (“VCDPA”) on March 2, 2021. law in the direction of its overseas cousin, the European Union’s General Data Protection Regulation (“GDPR”). What data is covered by VCDPA? It also pulls U.S.

Data protection 52

Data protection Law Law Compliance 52

Eric Goldman

OCTOBER 16, 2023

If you really care about the kids, shouldn’t the protections be ubiquitous? Because the AADC adopts the same definition of “business” as the CCPA/CPRA, this ruling highlights that any speech restrictions in those laws remain vulnerable to a constitutional attack. Means-Fit The law falls apart on the means-fit analysis.

Court 109

Court Failure-to-appear Data protection Judge 109

Debevoise Data Blog

SEPTEMBER 19, 2022

The California Design Code’s business obligations take effect on July 1, 2024, though certain businesses must complete Data Protection Impact Assessments “on or before” that date. Notable affirmative obligations include: Data Protection Impact Assessments (“DPIAs”). Definition of “Child” Under age 18. Under age 18.

Data protection 52

Data protection Compliance Time-tracking Attorney 52

Bigfork Tech

JUNE 25, 2024

From contract creation to signature and beyond, this integration streamlines operations, eliminates paperwork, and minimizes errors, thereby ensuring compliance with legal standards. DocuSign Integration : Facilitating a smooth contract management process, ALOE integrates seamlessly with DocuSign. Why Choose ALOE?

Contract management 52

Contract management Time-tracking Software Data protection 52

Debevoise Data Blog

FEBRUARY 6, 2023

Companies subject to ColoPA should review their practices to ensure compliance before ColoPA’s July 1, 2023 effective date. Under ColoPA, “publicly available” information is excluded from its definition of personal data. Additionally, consumers must be able to withdraw consent at any given time. Dark Patterns Forbidden.

Hearing 52

Hearing Data protection Law Law 52

Debevoise Data Blog

SEPTEMBER 14, 2022

A large number of the examples focused on compliance with the CCPA’s requirements for “sales” of personal information, including the obligation that businesses honor consumers’ use of a Global Privacy Control (“GPC”) opt-out signals.

Analytics 52

Analytics Compliance Failure-to-appear Attorney 52

Clio

JANUARY 30, 2024

Check out our blog post on understanding HIPAA compliance for more information. GDPR : To help address global needs for enhanced data security, in 2018, Europe introduced a unified data protection law, the General Data Protection Regulations (GDPR). Are they compliant?

Law firm 98

Law firm Law Law Due diligence 98

Legal Tech Blog

DECEMBER 8, 2022

While these are necessary to help reduce complacency towards internal data protection compliance and ensure organisations actively work to reduce their exposure, it isn’t always easy for companies to align. But how exactly can organisations bolster their data management processes?

e-discovery 52

e-discovery Machine learning Compliance Due diligence 52

Debevoise Data Blog

APRIL 29, 2022

In prior posts, we have written about the evolving state privacy law landscape, including how to prepare for state privacy laws coming into effect in 2023 here ; various aspects of the CCPA and CPRA, including here and here ; and the Virginia Consumer Data Protection Act (“VCDPA”) here. UCPA § 13-61-103(31)(b)(iii).

Law 52

Law Law Data protection Attorney 52

Debevoise Data Blog

DECEMBER 1, 2021

Addressing the medical privacy essentials: HIPPA and the new challenges posed by the rise of telemedicine, especially during the Covid-19 pandemic, this chapter closely examines medical privacy and it contains helpful practice notes pertaining to HIPPA’s intricate definitions and requirements. practitioners: European Union, the U.K.,

Law 52

Law Law Data protection Litigator 52

Debevoise Data Blog

OCTOBER 26, 2021

This would seem to eliminate not just the possibility of compliance-by-signage but also the possibility of online consent. Massachusetts would also completely ban “monetizing” – a term defined broadly –biometric identifiers as well as geolocation data. Compliance.

Compliance 52

Compliance Federal law Data protection Machine learning 52

Debevoise Data Blog

MAY 23, 2022

Here, we highlight key aspects of the CTPA with a focus on the provisions that companies should consider in their compliance preparations. Like the CCPA/CPRA and ColoPA, the CTPA defines “sale” to include the exchange of data for monetary or other valuable consideration. CTPA § 1(26). CTPA §§ 1(27) & 6(a)(4). CTPA § 1(6).

Law 40

Law Law Compliance Attorney 40

MatterSuite

JANUARY 9, 2024

Let’s delve into the various aspects of recurring payments, from their definitions to the advantages they bring to law firms. Topics will include encryption standards, compliance with data protection regulations, and the importance of selecting secure payment gateways.

Law firm 59

Law firm Law Law Time-tracking 59

Debevoise Data Blog

MAY 2, 2023

While the latest draft EU AI Act is not yet publicly available, early reports indicate it will feature new rules concerning compliance obligations specific to generative AI and foundation models, including several unique components such as required disclosures of copyrighted works included in the models’ training data.

Compliance 52

Compliance Time-tracking Data protection Law 52

MatterSuite

JANUARY 9, 2024

Let’s delve into the various aspects of recurring payments, from their definitions to the advantages they bring to law firms. Topics will include encryption standards, compliance with data protection regulations, and the importance of selecting secure payment gateways.

Law firm 52

Law firm Law Law Time-tracking 52

Ikigai Law

FEBRUARY 9, 2023

The need for a graded approach for compliances was also discussed. Largely, the government is open to comments from stakeholders on the definition of ‘online games’ and other issues. Other bills that might be discussed include the draft Digital Personal Data Protection Bill and the Telecommunication Bill.

Due diligence 52

Due diligence Data protection Hearing Compliance 52

Legal Tech Monitor

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. I mentioned employee errors, but also insider threats. You know, they do.

Law firm 52

Law firm Time-tracking Due diligence Attorney 52

Debevoise Data Blog

OCTOBER 18, 2021

Illinois’ Biometric Information Privacy Act (“BIPA”) excludes both “digital photographs” and “information derived from” photographs from the definition of “biometric information.” c) Texas Texas’s biometric privacy law also imposes similar requirements to BIPA, but allows more avenues for compliance.

Law 52

Law Law Court Time-tracking 52

Inside Privacy

JUNE 1, 2023

It has been well-publicized that the Irish Data Protection Commission (“DPC”) has imposed a record €1.2 billion fine and corrective measures under the GDPR against Meta Ireland (“Meta”) in a long-running dispute relating to cross-border data transfers and the EU standard contractual clauses (“SCCs”).

Data protection 69

Data protection Court Compliance Hearing 69

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. These changes add rights for consumers, and compliance obligations for businesses, that take the U.S. Businesses would also need to obtain consumer consent prior to collecting any sensitive data.

Data protection 40

Data protection Attorney Compliance State law 40

Debevoise Data Blog

JULY 12, 2022

state privacy law, including updates to the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”), the Colorado Protect Personal Data Privacy Act (“ColoPA”), the Connecticut Privacy Act (“CTPA”), the Virginia Consumer Data Protection Act (“VCDPA”), and the Utah Consumer Privacy Act (“UCPA”).

State law 52

State law Federal law Compliance Data protection 52

Berkley Technology Law Journal

NOVEMBER 18, 2022

So all the cases in which we saw difficulties in the last years are sort of now part of this core platform, service definition. Also, according to the DMA, if there is a systematic non-compliance, other sanctions could be that you’re not allowed to buy new companies, ban on acquisition, or there are a lot of different possible fines.

Law 100

Law Law Data protection Court 100

Berkley Technology Law Journal

NOVEMBER 18, 2022

So all the cases in which we saw difficulties in the last years are sort of now part of this core platform, service definition. Also, according to the DMA, if there is a systematic non-compliance, other sanctions could be that you’re not allowed to buy new companies, ban on acquisition, or there are a lot of different possible fines.

Law 100

Law Law Data protection Court 100

Debevoise Data Blog

DECEMBER 17, 2023

No other final definitions have been confirmed or released at this time. Systems which fall into this final category will not be subject to new restrictions or obligations under the EU AI Act, though obligations under other, existing laws may still apply (such as discrimination and data protection laws). How to prepare.

Data protection 64

Data protection Compliance Time-tracking Law 64