Ann J. LaFrance

Blogs: Brexit Legal, Global IP & Technology Law Blog, Restructuring Globalview, SECURITY & PRIVACY // BYTES

Latest Articles

California Attorney General Proposes Modifications to the Proposed CCPA Regulations

By Glenn A. Brown, Lydia de la Torre, Elliot Golding & Ann J. LaFrance

February 11, 2020

On February 7, 2020, the California Attorney General (AG) announced changes to the California Consumer Privacy Act of 2018 (CCPA) proposed regulations. The AG updated its announcement on February 10, 2020, to indicate that an additional provision was being modified. The modifications include changes to the “Right to Opt Out,” the permissible uses of data by service providers and the mandatory content of CCPA notices. The deadline for submitting comments on the modified draft…

SECURITY & PRIVACY // BYTES

I’m a Financial Institution – What Do I Need to Do Under the CCPA?

By Glenn A. Brown, Lydia de la Torre & Ann J. LaFrance

November 5, 2019

This post is part of our series highlighting key compliance issues under the California Consumer Privacy Act (CCPA). For a broader look at the CCPA, please see prior posts from members of our Data Privacy & Cybersecurity regarding applicability, gap assessments, and the recent amendments. Stay tuned for further posts in this series. Introduction Since the CCPA was enacted in June 2018, financial institutions have been considering whether and how the new law will apply to…

SECURITY & PRIVACY // BYTES

Proposed CCPA Regulations: Initial Overview and Highlights

By Ann J. LaFrance, Elliot Golding, Lydia de la Torre, Glenn A. Brown, Lauren Kitces, India Scarver & Shalin Sood

October 15, 2019

On October 10, 2019, the California Attorney General (California AG) issued the long-awaited California Consumer Privacy Act (CCPA) Regulations (Proposed Regulations), along with an Initial Statement of Reasons (ISOR) explaining the Proposed Regulations. These Proposed Regulations not only fill in statutory gaps, but also create several substantive new requirements. Companies may submit comments through December 6, 2019, and several public hearings will be held in the first week of December. Our Data Privacy & Cybersecurity…

SECURITY & PRIVACY // BYTES

Data Protection Compliance: Do You Have an Appropriate Policy Document in Place?

By Ann J. LaFrance & Emma Yaltaghian

October 7, 2018

Just because 25 May 2018 has passed does not mean that data protection compliance has ended! The Data Protection Act 2018 (“DPA”) works with the GDPR, and introduces additional requirements that businesses will need to watch out for; there are however a number of derogations that are intended to better accommodate business needs.…

SECURITY & PRIVACY // BYTES

Procedure Launched for Japan and the European Union to Become the World’s Largest Area of Safe Data Transfers

By Ann J. LaFrance, Chloe Abbott & Scott Warren

September 20, 2018

What’s New? On 5 September 2018, the EU Commission commenced proceedings to adopt an Adequacy Decision in relation to Japan’s protection of personal data by issuing a draft ‘Commission Implementing Decision’. This is an important step towards the culmination of discussions between the EU and Japan that were initiated in January 2017, with the aim of permitting the free flow of personal data between the parties. These discussions were part of the broader free trade…

SECURITY & PRIVACY // BYTES

Proposed e-Privacy Regulation in Trilogue Phase Making May 2018 Enforcement Unlikely

By Ann J. LaFrance

December 10, 2017

Nearly a year ago, on 10 January 2017, the EU Commission released the proposed ePrivacy Regulation (ePR). The three main areas covered by the legislation are the use of electronic communications data by telecommunications operators and other specified entities, the use of tracking applications, and unsolicited direct marketing communications. The ePR aims to ensure a coherent, up-to-date framework capable of balancing economic interests and privacy rights of natural persons reflected in the Article 7 of…

Restructuring Globalview

Shining a light on the GDPR – is the insolvency profession prepared?

By Ann J. LaFrance

October 19, 2017

What is the GDPR? The General Data Protection Regulation (GDPR) is an EU regulation designed to strengthen and harmonise data protection rules for processing data of all individuals within the EU and covers the transfer of such personal data outside the EU. One of the aims of the new legislation is to give control back to individuals over their personal data by establishing new rights for individuals in relation to their data and imposing more stringent obligations…

Brexit Legal

UK Government Sets Out Its Position on UK-EU Data Flows

By Ann J. LaFrance & Francesco Liberatore

August 30, 2017

The UK Government has released a position paper, “The exchange and protection of personal data: A future partnership paper” as part of the ongoing Brexit negotiations. This is one of many papers released by the UK Government last week but is a high priority for both the UK and the EU given the importance of data flows between the two. The continuing uncertainty surrounding data transfers to or through the UK given the…

Global IP & Technology Law Blog

Article 29 Working Party issues draft Guidelines on Data Protection Impact Assessments

By Ann J. LaFrance & Asel Ibraimova

April 20, 2017

On 04 April 2017, the Article 29 Working Party (WP29) issued its much-anticipated draft Guidelines on Data Protection Impact Assessments (DPIAs), which will be required under Article 35 of the EU General Data Protection Regulation (GDPR). The draft Guidelines are open for comment from the public until 23 May 2017, after which the final Guidelines will be published. The DPIA Guidelines will be complemented by the WP29 Guidelines on Profiling, a draft of which is…

Global IP & Technology Law Blog

EU Parliament adopts a Resolution on the Adequacy afforded by the EU-US Privacy Shield

By Ann J. LaFrance & Asel Ibraimova

April 10, 2017

On 6th April, the European Parliament adopted a resolution on the “Adequacy of the Protection afforded by the EU-US Privacy Shield”. The resolution draws attention to previously identified and new concerns about the Privacy Shield framework and considers what the focus should be during the upcoming joint annual review of the Privacy Shield. The resolution states that there has been a lack of clarity in terms of the commitment of the new US administration to…

Ann J. LaFrance

California Attorney General Proposes Modifications to the Proposed CCPA Regulations

I’m a Financial Institution – What Do I Need to Do Under the CCPA?

Proposed CCPA Regulations: Initial Overview and Highlights

Data Protection Compliance: Do You Have an Appropriate Policy Document in Place?

Procedure Launched for Japan and the European Union to Become the World’s Largest Area of Safe Data Transfers

Proposed e-Privacy Regulation in Trilogue Phase Making May 2018 Enforcement Unlikely

Shining a light on the GDPR – is the insolvency profession prepared?

UK Government Sets Out Its Position on UK-EU Data Flows

Article 29 Working Party issues draft Guidelines on Data Protection Impact Assessments

EU Parliament adopts a Resolution on the Adequacy afforded by the EU-US Privacy Shield

Stay Connected

Company

Support

New to the Network