Compliance, Data protection and e-records

Decoding India’s Data Protection Law

Ikigai Law

AUGUST 4, 2023

India’s Digital Personal Data Protection Bill 2023 was introduced in Parliament on 3 August 2023. Once passed, the law will govern how businesses collect and use individuals’ data. What data is covered? Personal data, i.e., data about an individual that can identify them. Who is affected?

Data protection

Data protection Law Law e-records

Data Protection in the Workplace: Employer Guidance

Legal IT Group

SEPTEMBER 19, 2023

For example, in 2020, the Data Protection Authority of Hamburg imposed a 35.3 In particular, specific details about the lives of some employees of H&M (illnesses, medical diagnoses, religious beliefs, and family problems) were comprehensively recorded and stored as information on a network drive. 6 (1) (e) of GDPR Art.

Data protection

Data protection Compliance e-records Law

Using personal devices for business: what should UK firms think about?

Debevoise Data Blog

APRIL 14, 2023

The PRA strongly criticised Wyelands’ lack of record-keeping policies and procedures to manage the use of WhatsApp communications, which the PRA found had prevented the bank’s Board and Risk function from effectively scrutinising transactions, as well as hindering the PRA’s supervision and investigation activities.

e-records

e-records Compliance e-filing Data protection

Webinars

The New Way of Conducting Patent Research: Proven Strategies For Efficient Due Diligence

AI for Paralegals: Everything You Need to Know (and How to Use It Safely)

The Tech-Savvy Paralegals Playbook: How To Leverage AI

Uncovering The Hidden Connections: A Patent Family Survival Guide

MORE WEBINARS

The EU AI Act – Navigating the EU’s Legislative Labyrinth

Debevoise Data Blog

NOVEMBER 29, 2023

The specific detail of these requirements is yet to be agreed but could include heightened data governance standards, monitoring and record-keeping rules, heightened standards for cybersecurity and transparency, as well as human oversight obligations. To subscribe to the Data Blog, please click here. Limited risk systems.

Compliance

Compliance Data protection e-records Law

The Future of Legal Tech: How Technology Is Transforming the Business of Law

MatterSuite

OCTOBER 27, 2023

E-discovery solutions , a significant part of legal tech, were estimated to be a multi-billion-dollar industry. The global e-discovery market size was projected to reach $17.32 Data Security: Ensuring the confidentiality and security of sensitive legal information is paramount. This enhances trust in legal documentation.

Legal tech

Legal tech Legal tech e-discovery Machine learning

You Can’t Have Legal GRC Optimisation Without Data Management Improvement?

Legal Tech Blog

DECEMBER 8, 2022

While these are necessary to help reduce complacency towards internal data protection compliance and ensure organisations actively work to reduce their exposure, it isn’t always easy for companies to align. In the case of e-discovery , for example, artificial intelligence is already being leveraged to great effect.

e-discovery

e-discovery Machine learning Compliance Due diligence

China Passes the Personal Information Protection Law

Debevoise Data Blog

OCTOBER 11, 2021

The PIPL has been referred to as China’s version of Europe’s General Data Protection Regulation (“GDPR”), given that the PIPL in substance mimics many of GDPR’s restrictions on the usage and collection of personal information. The sheer amount of serial change to Chinese law adds to compliance challenges.

Law

Law Law e-records Compliance

FinTales Issue 32: Anti-money laundering laws, Data Bill & Fintechs

Ikigai Law

AUGUST 7, 2023

Reporting entities must follow several compliance and reporting obligations under the anti-money laundering law. Main Course : Deep dive stories on card network portability, and impact of the data protection bill on fintechs. The data law is nearly here! The data law doesn’t tell processors what to do.

Data protection

Data protection Law Law e-records

The 2024 Clio Cloud Conference in Review

Clio

OCTOBER 8, 2024

With a record 2,500 in-person and 1,500 virtual attendees, Jack highlighted Clio’s growth alongside AI’s transformative role in the legal profession, as outlined in the latest Legal Trends Report. Gavin shared tactical steps to protect sensitive information and emphasized the ethical considerations involved in data protection.

Time-tracking

Time-tracking Judge Law firm Data protection

European Data Protection Roundup – September

Debevoise Data Blog

OCTOBER 12, 2021

million fine against Austrian Post for channelling electronic data protection-related inquiries to a web form and not offering an additional email address, irrespective of the data subject option to also use non-electronic postal mail or customer service. Standard Contractual Clauses).

Data protection

Data protection Failure-to-appear Compliance e-records

European Data Protection Roundup – May 2024

Debevoise Data Blog

JUNE 27, 2024

Our top five European data protection developments from May are: UK guidance on ransom payments: The UK NCSC and various insurance industry bodies co-published guidance on key considerations for ransomware payments. These developments are covered in more detail below.

Data protection

Data protection Software e-records Compliance

European Data Protection Roundup – December 2022 and January 2023

Debevoise Data Blog

FEBRUARY 20, 2023

When calculating the fine, the CNIL cited the large scale of the data processing and the high proportion of minors (38% were between 13 and 17) as aggravating factors. The fines follow non-compliance notices CNIL served to 60 organisations that did not allow users to refuse cookies as easily as to accept them.

Data protection

Data protection Compliance e-records Court

You Subpoenaed My Documents, Shouldn’t You Pay for Them?

Percipient

APRIL 22, 2023

Or it received a data request from a consumer under the GDPR or California Consumer Privacy Act. If the subpoena issued is in federal litigation, your company is likely responsible for the cost of compliance, especially if it has a connection to the litigation. Who covers the expense in responding to it? Westport Axle Corp.,

e-discovery

e-discovery Court e-records Litigator

European Data Protection Roundup – Q4 2024

Debevoise Data Blog

JANUARY 17, 2025

Our top-eleven European data protection developments for the end of 2024 are: EU Cyber Resilience Act: The Council of the European Union approved the Cyber Resilience Act , introducing cybersecurity requirements for digital products sold in the EU. The UK Upper Tribunal did not consider the provisions under the UK GDPR.

Data protection

Data protection Compliance Court State law

European Data Protection Roundup – March 2024

Debevoise Data Blog

APRIL 26, 2024

Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers, computer scientists and legal experts. These developments, and more, are covered below.

Data protection

Data protection e-records Compliance Court

Case T-557/20: the importance and impact on data protection

Legal IT Group

JUNE 12, 2023

Every day, more and more companies face the problem of personal data protection. As companies are increasingly scrutinised for proper data protection, it’s worth paying close attention to the latest best practices to avoid dealing with the potential negative consequences of a data breach.

Data protection

Data protection e-filing Court e-records

European Data Protection Roundup – October 2023

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection

Data protection Compliance Failure-to-appear e-records

European Data Protection Roundup – June 2021

Debevoise Data Blog

JULY 20, 2021

Here are our highlights: European Commission adopts new Standard Contractual Clauses What happened : As reported in our blog post , the European Commission adopted its new Standard Contractual Clauses (“SCCs”) for the cross-border transfer of personal data from the EEA to “third countries”.

Data protection

Data protection e-filing Compliance e-records

European Data Protection Roundup – October 2020

Debevoise Data Blog

NOVEMBER 10, 2020

ICO targets the data broking industry : On 27 October, the ICO demanded that Experian make sweeping changes to data protection practices within its direct marketing business within three months or face further enforcement action. We will continue to report on developments as Experian’s appeal progresses.

Data protection

Data protection Intellectual Property e-records Machine learning

European Data Protection Roundup – May 2023

Debevoise Data Blog

JUNE 8, 2023

Third country data transfers : Businesses that transfer personal data outside of the EEA may want to review their transfer mechanisms in light of new guidance on the EU and South East Asia SCCs, and the DPC’s record-breaking €1.2 billion fine against Meta. These developments, and more, covered below. (1)

Data protection

Data protection Compliance e-records Dispute resolution

European Data Protection Roundup – June & July 2023

Debevoise Data Blog

AUGUST 16, 2023

. : Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S. Data Privacy Framework, assess whether they are eligible to self-certify and, if they are, whether it makes sense to. Data Privacy Framework (the “DPF”). Data Privacy Framework (the “DPF”).

Data protection

Data protection Analytics Compliance Time-tracking

European Data Protection Roundup – December 2023

Debevoise Data Blog

JANUARY 25, 2024

Sensitive personal data: The CJEU has clarified that the processing of special category personal data, such as health data, requires a legal basis under both GDPR Art. 6, meaning that businesses may wish to review their records of processing activities to ensure that both are reflected. 9 and GDPR Art.

Data protection

Data protection Court e-records Compliance

Data subject requests under the GDPR. Why is it essential to respond to them correctly and on time?

Legal IT Group

JUNE 15, 2023

According to the GDPR – General Data Protection Regulation – residents of the European Union (“ EU ”) can send requests regarding their data to all legal and natural persons who process it. If the individual continues to receive emails after the data has been deleted, this will constitute a breach of the GDPR.

e-records

e-records Data protection e-filing Compliance

Eight GDPR Questions when Adopting Generative AI

Debevoise Data Blog

OCTOBER 10, 2023

If privacy is dealt with as an afterthought, it may be difficult to retrofit controls that are sufficient to mitigate privacy-related risk and ensure compliance. Consider whether any personal data you intend to use for Generative AI training, testing or prompting is subject to GDPR (or equivalent protections). What can you do?

Data protection

Data protection e-records Compliance Law

Take Three: New European Adequacy Decision Gives Green Light to EU-U.S. Data Protection Framework

Debevoise Data Blog

JULY 31, 2023

Data Privacy Framework (the “DPF”). The decision enables businesses in Europe to transfer personal data to DPF-certified U.S. businesses without having to implement additional data protection safeguards. Once certified, compliance with the Principles can be enforced under U.S. billion fine for Meta in May 2023).

Data protection

Data protection Dispute resolution e-filing e-records

European Data Protection Roundup – January 2024

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection

Data protection Compliance e-records Court

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Berkley Technology Law Journal

NOVEMBER 18, 2022

Legislation empowers the European Commission to designate certain tech companies as gatekeepers and impose obligations on them in relation to data, advertising, e-commerce, interoperability, and the commercial relationships between the service providers customers and end users. One idea is the idea of data portability.

Law

Law Law Data protection Court

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Berkley Technology Law Journal

NOVEMBER 18, 2022

Legislation empowers the European Commission to designate certain tech companies as gatekeepers and impose obligations on them in relation to data, advertising, e-commerce, interoperability, and the commercial relationships between the service providers customers and end users. One idea is the idea of data portability.

Law

Law Law Data protection Court

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

Debevoise Data Blog

JANUARY 14, 2022

Companies developing Federal Trade Commission (“FTC”) compliance programs, or under investigation by the FTC’s Bureau of Consumer Protection, should be aware of significant developments impacting the Commission’s regulatory authority and enforcement priorities.

Compliance

Compliance Court Litigator Litigation

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Debevoise Data Blog

JANUARY 16, 2025

Department of Justice (DOJ) issued the Final Rule on Preventing Access to Sensitive Data, creating a comprehensive export control regime to restrict the transfer of bulk sensitive personal and government-related data to foreign adversaries deemed threats to U.S. Engaging in data-mapping exercises may alleviate this burden.

Compliance

Compliance Due diligence e-records Time-tracking

Legal Tech Connection

Decoding India’s Data Protection Law

Data Protection in the Workplace: Employer Guidance

Webinars

Trending Sources

Using personal devices for business: what should UK firms think about?

Webinars

The EU AI Act – Navigating the EU’s Legislative Labyrinth

The Future of Legal Tech: How Technology Is Transforming the Business of Law

You Can’t Have Legal GRC Optimisation Without Data Management Improvement?

China Passes the Personal Information Protection Law

FinTales Issue 32: Anti-money laundering laws, Data Bill & Fintechs

The 2024 Clio Cloud Conference in Review

European Data Protection Roundup – September

European Data Protection Roundup – May 2024

European Data Protection Roundup – December 2022 and January 2023

You Subpoenaed My Documents, Shouldn’t You Pay for Them?

European Data Protection Roundup – Q4 2024

European Data Protection Roundup – March 2024

Case T-557/20: the importance and impact on data protection

European Data Protection Roundup – October 2023

European Data Protection Roundup – June 2021

European Data Protection Roundup – October 2020

European Data Protection Roundup – May 2023

European Data Protection Roundup – June & July 2023

European Data Protection Roundup – December 2023

Data subject requests under the GDPR. Why is it essential to respond to them correctly and on time?

Eight GDPR Questions when Adopting Generative AI

Take Three: New European Adequacy Decision Gives Green Light to EU-U.S. Data Protection Framework

European Data Protection Roundup – January 2024

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Stay Connected