Inside Privacy

Updates on developments in data privacy and cybersecurity

Subscribe
Visit Blog
By: Covington & Burling LLP

Blog Authors

Ashden Fein
Ani Gevorkian
Anna Herrmann
Alexandra Scott
Ashwin Kaja
Anna D. Kraus
Alexander Berengaut
Anna Carrier (BE)
Anna Oberschelp de Meneses
Adrian Perry
Alyson Sandler
Andrew Vaden
B.J. Altvater
Burr Eckstut
Brooke Kahn
Bruce Bennett
Bert Wells
Cameron Harvey (AU)
Calvin Cohen
Charlotte Hill
Carlo Kostka
Charlotte Ryckman
Caleb Skeath
David Bender
Dan Cooper
David Fagan
David Fink
Dan Kahn
David Stein
Dustin Cho
Eric Bosset
Libbie Canter
Ethan Forrest
Eric Carlson
Ezra Steinhardt
Fredericka Argent
Franka Felsner
Greg Frischmann
Gemma Nash
Gerard J. Waldron
Hee-Eun Kim
Hannah Lepow
Helena Marttila-Bridge
Helena Milner-Smith
Jetty Tielemans
Huanhuan Zhang
Inside Privacy
Jayne Ponder
Jack Boeglin
Jeff Bozman
John Buchanan
Jadzia Pierce
Sam Jungyun Choi
John Graubert
Joshua Gray
Jordan Hirsch
Jim Garland
Jordan Joachim
Joseph Jones
James Strawbridge
Jetty Tielemans
Katharine Goodloe
Kristi Cercone
Kristof Van Quathem
Kurt Wimmer
Lindsay Brewer
Laura Brookover
Laura Corbett
Lindsay Burke
Liza Khan
Laura Kim
Lauren Moxley
Lindsey Tonsager
Lauren Wiseman
Miranda Cole
Moriah Daugherty
Matthew Davie
Matthew DelNero
Marialuisa Gallozzi
Micaela McMurrough
Micha Nandaraj Gallo
Mike Nonaka
Melanie Ramey
Mark Young
Nigel Howard
Nicholas Shepherd
Ben Duke
Priscilla Fasoro
Phil Bradley-Schmieg
Paige Jennings
Robert D. Fram
Randall Friedland
Rafael Reyneri
Rebecca Yergin
Sophie Bertin
Susan B. Cassidy
Samantha Clark
Sheng Huang
Scott Levitt
Sari Sharoni
Steve Surdu
Tarek Austin
Uttara Dukkipati
Victor Ban
Victoria Gilbert
Weiss Nusraty
Yaron Dori
Yan Luo
Zachary Mears

Latest from Inside Privacy

On February 12, 2019, the European Data Protection Board (“EDPB”) published two information notes to highlight the impact of a so-called “No-deal Brexit” on data transfers under the EU General Data Protection Regulation (“GDPR”), as well as the impact on organizations that have selected the UK Information Commissioner (“ICO”) as their “lead supervisory authority” for their “Binding Corporate Rules” (“BCRs”). In the “No-deal” scenario, the United Kingdom would leave the European Union on  March 29,…
(This article was originally published in Global Policy Watch.) On February 12, 2019 the Department of Defense released a summary and supplementary fact sheet of its artificial intelligence strategy (“AI Strategy”). The AI Strategy has been a couple of years in the making as the Trump administration has scrutinized the relative investments and advancements in artificial intelligence by the United States, its allies and partners, and potential strategic competitors such as China and Russia. The…
The European Data Protection Board (“Board”) released an opinion on January 23, 2019, on the intersection between the EU General Data Protection Regulation (“GDPR”) and the Clinical Trials Regulation (“CTR”).  The opinion considers a Q&A on this topic prepared by the European Commission’s Directorate General for Health.  The Directorate General decided to create this Q&A because of perceived contradictions between the GDPR and the CTR, in particular in relation to the legal basis (e.g., the…
executive-order-picture-id859751298
Today, President Trump signed an Executive Order (“EO”), “Maintaining American Leadership in Artificial Intelligence,” that launches a coordinated federal government strategy for Artificial Intelligence (the “AI Initiative”).  Among other things, the AI Initiative aims to solidify American leadership in AI by empowering federal agencies to drive breakthroughs in AI research and development (“R&D”) (including by making data computing resources available to the AI research community), to establish technological standards to support reliable and…
On February 1, 2019, China’s National Information Security Standardization Technical Committee (“TC260”) released a set of amendments to GB/T 35273-2017 Information Technology – Personal Information Security Specification (“the Standard”) for public comment.  The comment period ends on March 3. Although not legally binding, the Standard has been highly influential since becoming effective in May 2018, as it set out the best practices expected by Chinese regulators (see our previous blogpost on the Standard here).…
Hospitals and other health care organizations are attractive targets for cyber-attacks, in part because their databases contain medical records and other sensitive information. Breaches of this information could have very serious implications for patients.  Moreover, electronics connected to a health care facility’s network keep people alive, distribute medicines, and monitor vital signs. As a result, disruption to the operations of health care facilities could pose a very real risk to health and safety.  Such risks…
On January 25, 2019, the Illinois Supreme Court published its widely anticipated decision in Rosenbach v. Six Flags Entertainment Corporation et al., addressing the question of what it means to be an “aggrieved” person under the Illinois Biometric Information Privacy Act, 740 ILCS 14/1 et seq. (“BIPA”). Under BIPA, aggrieved persons are entitled to seek liquidated damages and injunctive relief. In a unanimous decision authored by Chief Judge Karmeier, the court held that individuals seeking…
On January 24, the European Data Protection Board (“EDPB”) adopted a report (“Report”) regarding the second annual review of the EU-U.S. Privacy Shield (“Privacy Shield”).  In a press release accompanying the Report, the EDPB welcomed efforts by EU and U.S. authorities to implement the Privacy Shield,  including in particular the recent appointment of a permanent Ombudsperson.  But the EDPB also noted that certain concerns remain with respect to the implementation of the Privacy Shield. The…
Vermont and the District of Columbia recently joined the growing list of states that have enacted automatic renewal statutes.  Automatic renewal clauses (“auto-renewals”) allow providers of goods or services to bill consumers periodically without obtaining express consent before each billing cycle.  These clauses are becoming increasingly common for a variety of goods and services.  Regulators have expressed concern that consumers may lack clarity as to when auto-renewals apply and what they entail.  As a result,…