Utah Enacts Comprehensive Privacy Law
Utah has joined California, Colorado and Virginia to become the fourth state to enact a comprehensive personal information privacy law. The law applies to any controller or processor with (1) annual revenue of $25,000,000 or more, and (2) who conducts business in Utah or produces a product or service that is targeted to consumers who […]
New Trans-Atlantic Data Privacy Framework Announced
You may recall that in 2020, the Court of Justice of the European Union (CJEU) (C- 311/18, Data Protection Commission vs. Facebook Ireland Ltd. and Maximilian Schrems) (Schrems II) invalidated the EU-US Privacy Shield, and called into question the continued viability of other mechanisms for transferring personal information such as Standard Contractual Clauses under the […]
2022 Data Privacy Day – An Update on Where the Laws Stand
Well, it’s Data Privacy Day, and it would be great to be able to report that the federal legislature has finally agreed on a comprehensive federal data privacy law – but alas, that has not happened. Like so many other legislative initiatives, it comes down to a matter of the legislators not being able to […]
2022 Data Privacy Day – Tips on Keeping Your Private Information Safe
On this International Data Privacy Day, we could all use a reminder to focus on what we can control – the extent to which we share private information about ourselves online. We cannot control the fact that there is an entire economy fueling bad actors who spend their entire lives trying to steal our private […]
Doing business in China? – Take note of China’s new Personal Information Protection Law
A significant recent privacy law development is China’s enactment of a comprehensive privacy law (Personal Information Protection Law), effective November 1, 2021. Similar to other privacy laws, (e.g., the PIPL sets forth rules for the collection, use and storage of personal data), there are some differences that set the PIPL apart from laws like the […]
Treasury Department issues updated advisory on potential sanctions for making ransomware payments
The U.S. Treasury Department updated its guidance on sanctions that might be levied if a company pays a ransom as a result of a ransomware attack and the payment makes its way to persons on the Specially Designated Nationals and Blocked Persons List (the SDN List) or to embargoed countries (such as Cuba and North […]
New state personal information privacy laws are here, with more on the way
There currently is no federal comprehensive data privacy law. Various states, however, have been enacting their own data privacy laws. California was the first (the CCPA), and recently passed a substantial amendment to its law (the CPRA), some of which is currently in effect and the majority of which will become effective January 1, 2023. […]
Thinking about sharing data with a new vendor? Will you be responsible if the vendor’s systems are breached?
In recent months, our firm has counseled clients through data breaches that were the result of unauthorized access into a third party’s systems. In these scenarios, our clients were not compromised directly, but hackers attacked a third party that hosted or had access to our clients’ data. The responses to these events varied, depending in […]
Does your sales team want to keep data about your customers forever? Do the recently adopted privacy statutes allow that?
A decade ago, companies devoted significant resources to creating and maintaining robust databases of customers and potential customers. Salespeople were taught to record not just names, addresses and phone numbers, but also little details such the names of the customers’ children, their favorite sports teams, their wedding anniversaries, and other pieces of personal information handy […]
Brexit EU Trademark
Now that the dust has settled on Brexit, owners of EU trademark registrations may have questions about what steps must be taken to retain their trademark protection in the United Kingdom. The good news: owners of existing EU trademark registrations need not take any action. Instead, on January 1, 2021, all EU trademark registrations were […]