Tag: Data Privacy

October 10, 2023

The UK government has published the Data Protection (Adequacy) (United States of America) Regulations 2023 (SI 2023/1028) (the UK-US Data Bridge Regulations) which adopted an adequacy decision for the US (the UK-US Data Bridge) and will come into force on […]

September 21, 2023

To whom does the Oregon Consumer Privacy Act apply? The Oregon Consumer Privacy Act imposes transparency and disclosure obligations on a “controller” (an individual or legal entity who, “alone or jointly with another person, determines the purposes and means for […]

September 20, 2023

On September 12, 2023, Delaware governor John Carney signed the Delaware Personal Data Privacy Act (the “DPDPA” or the “Act”) into law. The DPDPA protects the privacy rights of consumers in Delaware and regulates the collection, use, and disclosure of […]

September 8, 2023

Earlier in 2023, we launched our New England and First Circuit Class Action Tracker, as a tool to analyze class action litigation trends in Massachusetts, Maine, New Hampshire, and Rhode Island. In July, we updated our tracker to include data […]

September 6, 2023

Given the increasing number of data privacy laws in the U.S., entering into appropriate data processing agreements (“DPAs”) with vendors has now become a critical component of vendor management. It can also be one of the most time-consuming and complex […]

August 9, 2023

Increasing oversight of tech companies, particularly in the realm of consumer privacy, has been a rare example of bipartisan agreement. Despite data privacy being a growing concern for consumers, however, there has been relatively little federal policymaking. To counteract this […]

July 24, 2023

The European Commission published a very significant adequacy decision last week, which is expected to facilitate transfers of personal information from Europe to the United States. The decision came as part of the Commission’s official recognition of a revised arrangement […]

July 12, 2023

On June 30, 2023, the California Superior Court issued a decision blocking the California Privacy Protection Agency (“CPPA” or the “Agency”) from enforcing new regulations governing the collection and use of consumer data until March 2024. The CPPA was set […]

July 11, 2023

In this third installment on the enforcement of U.S. consumer data privacy laws, we focus on the role of private litigants. Following our discussions of state and federal government enforcement, this post focuses on the third way that consumer rights […]

July 11, 2023

On June 16, 2023, Nevada enacted Senate Bill 370 (“SB 370”), which imposes broad restrictions on the collection, use, and sale of consumer health data. This law is set to go into effect on March 31, 2024. SB 370 is […]

July 10, 2023

On June 30, 2023, the Delaware general assembly passed the Delaware Personal Data Privacy Act (“DPDPA”), H.B. 154. This bill resembles the comprehensive privacy statutes in Connecticut, Montana, and the recently passed bill in Oregon, though there are some notable […]

July 3, 2023

On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo issued a statement confirming that the U.S. has fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the “Framework”). In the statement, it was confirmed that the EU, Iceland, […]

June 26, 2023

As the intersection of technology and healthcare becomes increasingly nuanced, the field of genomic medicine is rapidly evolving and expanding. Genomic medicine, or personalized medicine focusing on the data holding information on base sequence in an individual’s genome, uses an […]

June 9, 2023

On June 6, 2023, Florida Gov. Ron DeSantis signed into law SB 262, which grants Florida consumers certain rights relating to the processing of their personal data by businesses. Parts of SB 262 will come into effect in 2023. This […]

June 2, 2023

On May 28, the Texas legislature passed the Texas Data Privacy and Security Act (TDPSA), also known as H.B. 4. The TDPSA was sent to Governor Greg Abbott on May 30. If signed into law, the TDPSA will take effect […]

May 23, 2023

Indiana, Montana, and Tennessee have all enacted general data privacy legislation, bringing the total to nine US state data privacy laws. Montana will be the first of the three new laws to take effect on October 1, 2024, followed by […]

March 15, 2023

On March 15, 2023, the Iowa House voted 97-0 to pass SF 262. The bill previously passed the Senate by a vote of 47-0. The bill was procedurally messaged back to the Senate. Pending any remaining procedural hurdles and the […]

February 9, 2023

As more of our lives and work become digitized, an inherent overlap continues to grow between data privacy and cyber security programs. Think of two similarly sized circles: in the past, data privacy and cyber security may have overlapped on […]

February 8, 2023

Regulatory enforcement and large litigation relating to the use of third party trackers on companies’ websites and applications have been on the rise. Tracking often occurs without the companies’ knowledge or consent. Third party tracking on hospital and provider websites […]

February 3, 2023

The California Attorney General just announced an investigative sweep of mobile apps that allegedly fail to meet the requirements of state data privacy law, meaning businesses that conduct business through apps need to immediately ensure they are compliant with the […]