Understanding the ICO’s approach to assessing financial penalties should be a key element of an organisation’s data protection strategy and risk profile.
By James Lloyd and Sami Qureshi
In an era when data protection infringements can tarnish business reputations overnight,
The PDPL has broad extraterritorial scope and substantial penalties for non-compliance, with full enforcement expected to start in September.
By Brian A. Meenagh and Lucy Tucker
The Personal Data Protection Law (PDPL) is the first comprehensive data protection law in
The proposed amendments are expansive and would significantly affect how companies comply with the Children’s Online Privacy Protection Act.
By Jennifer C. Archie, Marissa R. Boynton, Michael H. Rubin, Gabriela Aroca Montaner, Samantha M. Laufer,
The amended rules follow the Biden Administration’s “whole of government” approach to maximizing notifications to executive agencies of cybersecurity events.
By Jennifer C. Archie, Matthew A. Brill, Gabriela Aroca Montaner, Chad Kenney, and Molly Whitman
On
Companies subject to India’s new data protection law should assess practical implications.
By Gail Crawford, Fiona Maclean, Danielle van der Merwe, Kate Burrell, Bianca H. Lee, Alex Park, Irina Vasile, and Amy Smyth
Covered financial institutions now face heightened expectations in relation to cybersecurity governance, risk assessment, and incident reporting.
By Jenny Cieplak, Tony Kim, Arthur Long, Clayton Northouse, Serrin Turner, Yvette D. Valdez, Deric Behar,
The final Implementing Regulations are generally business-friendly and bring the law closer to the EU GDPR.
By Brian A. Meenagh and Lucy Tucker
The Saudi Data & AI Authority (SDAIA) recently issued the final Implementing and Transfer Regulations for the
The new general data privacy laws in Oregon and Delaware expand on existing requirements under other state privacy laws.*
By Robert Blamires, Clayton Northouse, Austin L. Anderson, and Jennifer Howes
Key Takeaways:
The new framework provides an additional route for personal data transfers from the EEA to the US.
By Robert Blamires, Gail E. Crawford, James Lloyd, Clayton Northouse, Alice Brunning, Alexander Ford-Cox, and Jennifer Howes
Washington State’s landmark privacy law has inspired other states to pass similar laws with stringent requirements on a broad range of companies and processing activities.
By Heather B. Deixler, Clayton Northouse, Austin L. Anderson, Kiara E. Vaughn