The staff and board of the California Privacy Protection Agency (“CPPA”) have been working for nearly two years on a new set of proposed rulemaking under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”).
Privacy World
Keeping you informed on the evolving law on data privacy, security and innovation.
Latest from Privacy World - Page 2
EDPB Versus Ireland? Does the Opinion on “Main Establishments” Mean the End of the GDPR “One-stop Shop” Mechanism?
On February 13, 2024, the European Data Protection Board (EDPB) released its opinion on the notion of the main establishment of a controller in the EU under article 4(16)(a) GDPR and the criteria for the application of the “one-stop shop”…
Everything, Everywhere, All the Time: How Digital Data Regulations Affect Everything from Cross-Border Investigations, Disputes, Data Breach Response and AI
Scott Warren, a Partner in our Japan and China offices, will chair and speak at the Thailand & SE Asia 5th International Arbitration & Corporate Crime Summit on March 14, 2024 at the Rembrandt Hotel & Suites in Bangkok. …
California Considers Restricting Broad Swath of Content Personalization and Online Advertising Activities
On March 8, 2024, the California Privacy Protection Agency (“CPPA” or “Agency”) Board (“Board”) will consider draft regulations that set forth how automated decisionmaking technology (“ADMT”) and profiling will be regulated under the California Consumer Privacy Act (“CCPA”). The proposal…
Executive Order on Maritime Cybersecurity Illuminates Path Forward for All Critical Infrastructure Operators
On February 21, the Administration announced an Executive Order (“EO”) aimed at strengthening cybersecurity at U.S. Ports. While not directly applicable to critical infrastructure entities in other sectors, the EO highlights the Administrator’s focus on critical infrastructure more broadly and…
Data Breach Claims: Litigation with 750 Years of History
The relatively recent introduction in the UK of data privacy laws (the Data Protection Act 2018 (the “DPA”) and the UK GDPR (the “GDPR”)) has led to numerous claims concerning a data controller’s requirement to ensure that the personal data…
Privacy World Week in Review
In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.…
Singapore Issues Data Privacy Guidelines for Deterministic Artificial Intelligence (AI)
Background
On March 1, 2024, Singapore’s personal data protection commission (Commission) issued its advisory guidelines (Guidelines) on the use of personal data for AI systems that provide recommendations, predictions and decisions.
The Guidelines follow a public consultation in July and…
More Detail on U.S. Data Processing Assessment Requirements
The California Privacy Protection Agency (“CPPA”) has published revised draft regulations detailing what it proposes to be required of businesses under the California Consumer Privacy Act (“CCPA”) to assess, mitigate and document risk before engaging in specified types processing of…
U.S. Restricts Personal Data to Countries of Concern and Persons Closely Related
On February 28, 2024, President Biden issued a groundbreaking executive order (EO) establishing the framework for new restrictions on transactions involving US persons’ sensitive personal data and “countries of concern,” including China, or related parties. Our Data and Public Policy…