Data protection, Law and State law - Legal Tech Connection

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

On March 24, 2022, Utah enacted a comprehensive consumer privacy law, the Utah Consumer Privacy Act (“UCPA”). The UCPA, effective on December 31, 2023, is largely consistent with other comprehensive state privacy laws, but includes several key differences. The UCPA has a narrower applicability than the State Privacy Laws.

Law

Law Law Data protection Attorney

EU Rules Restricting the International Transfers of Non-Personal Data

Inside Privacy

FEBRUARY 1, 2024

While the EU GDPR regulates the international transfer of personal data, several recently enacted EU laws regulate the international transfer of non-personal data, which is any data that is not “personal data” under the GDPR. This is borne out by the provisions in the proposed EHDS, as discussed below.

Intellectual Property

Intellectual Property State law Court Compliance

Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws

Debevoise Data Blog

DECEMBER 16, 2021

The Virginia Consumer Data Protection Act (“VCDPA”) and amendments to the California Consumer Privacy Act (“CCPA”)—enshrined in the California Privacy Rights Act (“CPRA”)—take effect on January 1, 2023. These developments have companies understandably concerned about complying with a patchwork of state laws.

Data protection

Data protection Compliance Law Law

Webinars

The New Way of Conducting Patent Research: Proven Strategies For Efficient Due Diligence

AI for Paralegals: Everything You Need to Know (and How to Use It Safely)

The Tech-Savvy Paralegals Playbook: How To Leverage AI

Uncovering The Hidden Connections: A Patent Family Survival Guide

MORE WEBINARS

The FCC Expands Scope of Data Breach Notification Rules

Inside Privacy

JANUARY 4, 2024

The Order makes several notable changes to the prior rules, including broadening the definitions of a reportable “breach” and “covered data,” requiring covered entities to notify the FCC in addition to federal law enforcement of breaches, and modifying certain customer notification requirements. state data breach notification laws.

Data protection

Data protection Federal law State law Attorney

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Connecticut’s Governor signed the state’s comprehensive privacy law into effect on May 10, 2022, adding yet another category of state privacy law. We also provide an overview of the CTPA’s enforcement mechanisms and explain how the CTPA modifies prior laws’ safe harbor with a nod towards prosecutorial discretion.

Law

Law Law Compliance Attorney

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

And what’s a company to do right now, with facial recognition opportunities presenting themselves today while the law remains a moving target? In this Part 1, we lay out the current laws governing facial recognition in the United States. The Patchwork of Current Facial Recognition Privacy Laws A.

Law

Law Law Court Time-tracking

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

This is Part 2 in a two-part series of articles about facial recognition laws in the United States. In this part, we assess where the law seems to be heading and offer some practical risk reduction strategies. Federal and State Legislation There is currently no federal law that specifically regulates biometric privacy.

Compliance

Compliance Federal law Data protection Machine learning

European Data Protection Roundup – Q4 2024

Debevoise Data Blog

JANUARY 17, 2025

Our top-eleven European data protection developments for the end of 2024 are: EU Cyber Resilience Act: The Council of the European Union approved the Cyber Resilience Act , introducing cybersecurity requirements for digital products sold in the EU. The UK Upper Tribunal did not consider the provisions under the UK GDPR.

Data protection

Data protection Compliance Court State law

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

Ellington explains that the impetus for creating SessionGuardian came from working with a law firm to secure their work with eDiscovery vendors and contract attorney staffing agencies. Recently, a major North American bank told Leib that 10 of their last breach incidents were caused by unauthorized photography of sensitive data.

Law firm

Law firm Time-tracking Due diligence Attorney

CJEU’s Advocate General Issues Opinion on GDPR Fines Against Companies

Inside Privacy

MAY 3, 2023

He opined that Member States’ law may not stipulate conditions going beyond those set out in the GDPR that make it more difficult to impute GDPR infringements to companies. Member States laws may not require this to be a pre-condition to impose a GDPR administrative fine. (2) companies).

State law

State law Court Data protection Law

Spanish Data Protection Authority Issues Guidance on Data Spaces

Inside Privacy

MAY 12, 2023

If you have questions about data spaces, we are happy to assist.

Data protection

Data protection Mediator Compliance State law

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Debevoise Data Blog

DECEMBER 1, 2021

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to the laws and regulations that govern how companies collect, use, store and transfer the personal information of their consumers and employees.

Law

Law Law Data protection Litigation

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Legal Tech Monitor

JULY 11, 2023

Ellington explains that the impetus for creating SessionGuardian came from working with a law firm to secure their work with eDiscovery vendors and contract attorney staffing agencies. Recently, a major North American bank told Leib that 10 of their last breach incidents were caused by unauthorized photography of sensitive data.

Law firm

Law firm Time-tracking Due diligence Attorney

European Data Protection Roundup – November 2023

Debevoise Data Blog

DECEMBER 22, 2023

This guidance, which draws on the GDPR as well as national and EU case law, contains relevant advice for using AI in the healthcare space more broadly. For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space.

Data protection

Data protection Time-tracking Compliance Machine learning

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

The ADPPA aims to create a national framework that would preempt many, but not all, state privacy laws. It is unclear whether the ADPPA has sufficient support to become law, as it reportedly lacks key support in the Senate. Even if not enacted, its provisions are likely to influence a future federal privacy law.

State law

State law Federal law Compliance Data protection

Where to Begin With Data Governance Frameworks and How Software Can Help (Brandon Wiebe, GC & Head of Privacy, Transcend)

Technically Legal

SEPTEMBER 28, 2023

Brandon explains that most data privacy laws, like the General Data Protection Regulation (GDPR) in the EU and U.S. Brandon explains that most data privacy laws, like the General Data Protection Regulation (GDPR) in the EU and U.S.

Software

Software Data protection Compliance State law

Does Your Company Have a Data Privacy Plan? Here’s Where to Start

Percipient

OCTOBER 4, 2023

Brandon explains that most data privacy laws , like the General Data Protection Regulation (GDPR) in the EU and U.S. Brandon explains that most data privacy laws , like the General Data Protection Regulation (GDPR) in the EU and U.S.

Data protection

Data protection Compliance State law Software

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. further in the direction of European-style privacy law. First, covered businesses would have to obtain “specific, informed, and unambiguous opt-in consent” to collect, use, share, or sell consumers’ personal data.

Data protection

Data protection Attorney Compliance State law

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

Debevoise Data Blog

JANUARY 14, 2022

5] In a motion passing 3-2 on a party-line vote, the Democratic commissioners removed the Chief Administrative Law Judge (the “ALJ”) from the role of Presiding Officer in Magnuson-Moss rulemaking; Chair Khan or her designee will instead assume the role of Presiding Officer, giving Chair Khan even greater control over future rulemaking efforts. [6]

Compliance

Compliance Court Litigation Litigator

Legal Tech Connection

Utah Joins the Comprehensive State Privacy Law Club

EU Rules Restricting the International Transfers of Non-Personal Data

Webinars

Trending Sources

Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws

Webinars

The FCC Expands Scope of Data Breach Notification Rules

Connecticut’s Next Generation Data Privacy Law

Face Forward: Strategies for Complying with Facial Recognition Laws

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

European Data Protection Roundup – Q4 2024

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

CJEU’s Advocate General Issues Opinion on GDPR Fines Against Companies

Spanish Data Protection Authority Issues Guidance on Data Spaces

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

European Data Protection Roundup – November 2023

What the ADPPA Means for U.S. Data Regulation

Where to Begin With Data Governance Frameworks and How Software Can Help (Brandon Wiebe, GC & Head of Privacy, Transcend)

Does Your Company Have a Data Privacy Plan? Here’s Where to Start

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

Stay Connected