Data protection and State law - Legal Tech Connection

EU Rules Restricting the International Transfers of Non-Personal Data

Inside Privacy

FEBRUARY 1, 2024

Note that the data localization prohibition in this Regulation applies to individual EU Member States’ laws; it does not preclude the EU from implementing data localization requirements. X (Recent Council versions remove this obligation.)

Intellectual Property

Intellectual Property State law Court Compliance

The FCC Expands Scope of Data Breach Notification Rules

Inside Privacy

JANUARY 4, 2024

This Order follows recent activity from the FCC’s Privacy and Data Protection Task Force , including the announcement last month of a partnership between the FCC and state attorneys general on data privacy enforcement.

Data protection

Data protection Federal law State law Attorney

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

In prior posts, we have written about the evolving state privacy law landscape, including how to prepare for state privacy laws coming into effect in 2023 here ; various aspects of the CCPA and CPRA, including here and here ; and the Virginia Consumer Data Protection Act (“VCDPA”) here.

Law

Law Law Data protection Attorney

Webinars

The New Way of Conducting Patent Research: Proven Strategies For Efficient Due Diligence

AI for Paralegals: Everything You Need to Know (and How to Use It Safely)

The Tech-Savvy Paralegals Playbook: How To Leverage AI

Uncovering The Hidden Connections: A Patent Family Survival Guide

MORE WEBINARS

Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws

Debevoise Data Blog

DECEMBER 16, 2021

The Virginia Consumer Data Protection Act (“VCDPA”) and amendments to the California Consumer Privacy Act (“CCPA”)—enshrined in the California Privacy Rights Act (“CPRA”)—take effect on January 1, 2023. These developments have companies understandably concerned about complying with a patchwork of state laws.

Data protection

Data protection Compliance Law Law

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

Further, in a case that we have covered previously involving a supermarket using video surveillance with facial recognition capabilities, the Spanish data protection authority (the “AEDP”) fined grocer Mercadona for violating numerous provisions of the EU’s General Data Protection Regulation.

Compliance

Compliance Federal law Data protection Machine learning

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Like other state privacy laws, the CTPA contains a number of entity-based and data-based exemptions, including financial institutions covered by the Gramm-Leach-Bliley Act, national securities associations that are registered under the Securities Exchange Act of 1934, and data regulated by the Fair Credit Reporting Act, among other exemptions.

Law

Law Law Compliance Attorney

European Data Protection Roundup – Q4 2024

Debevoise Data Blog

JANUARY 17, 2025

Our top-eleven European data protection developments for the end of 2024 are: EU Cyber Resilience Act: The Council of the European Union approved the Cyber Resilience Act , introducing cybersecurity requirements for digital products sold in the EU. The UK Upper Tribunal did not consider the provisions under the UK GDPR.

Data protection

Data protection Compliance Court State law

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

The TDPA provides for a private right of action for violation of the prohibition to sell, lease, or disclose data. State Laws Permitting but Regulating Collection and Use of Biometric Identifiers, including Facial Data.

Law

Law Law Court Time-tracking

CJEU’s Advocate General Issues Opinion on GDPR Fines Against Companies

Inside Privacy

MAY 3, 2023

He opined that Member States’ law may not stipulate conditions going beyond those set out in the GDPR that make it more difficult to impute GDPR infringements to companies. Member States laws may not require this to be a pre-condition to impose a GDPR administrative fine. (2) companies).

State law

State law Court Data protection Law

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

Generally however, it’s hard for global law firms right that sometimes have to compete with conflicting regimes. Not all, I believe only one or two state laws in the US require it. When that happens, the level of data protection exponentially recedes. You know, they do. But it’s really a commercial decision.

Law firm

Law firm Time-tracking Due diligence Attorney

Spanish Data Protection Authority Issues Guidance on Data Spaces

Inside Privacy

MAY 12, 2023

If you have questions about data spaces, we are happy to assist.

Data protection

Data protection Mediator Compliance State law

European Data Protection Roundup – November 2023

Debevoise Data Blog

DECEMBER 22, 2023

This guidance, which draws on the GDPR as well as national and EU case law, contains relevant advice for using AI in the healthcare space more broadly. For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space. UK and U.S.

Data protection

Data protection Time-tracking Compliance Machine learning

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Debevoise Data Blog

DECEMBER 1, 2021

Information Privacy Law. With a thorough discussion of the nuances related to advertising and tracking, this section also covers the new privacy laws impacting the industry, including updates stemming from the CCPA, the Virginia Consumer Data Protection Act (VCDPA), and the Colorado Privacy Act.

Law

Law Law Data protection Litigation

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

Even if not enacted, its provisions are likely to influence a future federal privacy law. And, in many ways, the ADPPA may set a new minimum standard that will shape any state laws passed to fill the void left by the lack of a federal privacy law. We’ve previously written about the development of U.S. ADPPA § 302(a).

State law

State law Federal law Compliance Data protection

Where to Begin With Data Governance Frameworks and How Software Can Help (Brandon Wiebe, GC & Head of Privacy, Transcend)

Technically Legal

SEPTEMBER 28, 2023

Brandon’s company is a privacy platform that helps legal and compliance teams automate data compliance tasks. Brandon explains that most data privacy laws, like the General Data Protection Regulation (GDPR) in the EU and U.S.

Software

Software Data protection Compliance State law

Does Your Company Have a Data Privacy Plan? Here’s Where to Start

Percipient

OCTOBER 4, 2023

Brandon Wiebe , GC and Head of Privacy at Transcend offers a good overview of various privacy regulations, tips on how to start thinking about a data plan and how software can help automate certain parts of the process. Brandon explains that most data privacy laws , like the General Data Protection Regulation (GDPR) in the EU and U.S.

Data protection

Data protection Compliance State law Software

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Debevoise Data Blog

JULY 9, 2021

further in the direction of European-style privacy law. Colorado and Nevada join California and Virginia in adding to the growing patchwork of disparate state laws — making it that much harder for any business seeking to have a single privacy program that is compliant everywhere.

Data protection

Data protection Attorney Compliance State law

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Legal Tech Monitor

JULY 11, 2023

Generally however, it’s hard for global law firms right that sometimes have to compete with conflicting regimes. Not all, I believe only one or two state laws in the US require it. When that happens, the level of data protection exponentially recedes. You know, they do. But it’s really a commercial decision.

Law firm

Law firm Time-tracking Due diligence Attorney

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

Debevoise Data Blog

JANUARY 14, 2022

The threat will be particularly severe for smaller companies that lack the legal expertise and capital to hire outside counsel to contest the FTC’s proposed settlements backed by the threat of potentially bankrupting fines regardless of whether they believe their activities are completely lawful. [34]

Compliance

Compliance Court Litigation Litigator

Legal Tech Connection

EU Rules Restricting the International Transfers of Non-Personal Data

The FCC Expands Scope of Data Breach Notification Rules

Webinars

Trending Sources

Utah Joins the Comprehensive State Privacy Law Club

Webinars

Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Connecticut’s Next Generation Data Privacy Law

European Data Protection Roundup – Q4 2024

Face Forward: Strategies for Complying with Facial Recognition Laws

CJEU’s Advocate General Issues Opinion on GDPR Fines Against Companies

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Spanish Data Protection Authority Issues Guidance on Data Spaces

European Data Protection Roundup – November 2023

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

What the ADPPA Means for U.S. Data Regulation

Where to Begin With Data Governance Frameworks and How Software Can Help (Brandon Wiebe, GC & Head of Privacy, Transcend)

Does Your Company Have a Data Privacy Plan? Here’s Where to Start

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

Stay Connected