2018, Blog and Data protection - Legal Tech Connection

European Data Protection Roundup – April 2024

Debevoise Data Blog

MAY 28, 2024

EDPB “Consent or pay” models: Businesses operating large online platforms should consider the European Data Protection Board’s recent opinion indicating that “consent or pay” models are unlikely to be GDPR-compliant.

Data protection

Data protection Compliance Law Law

European Data Protection Roundup – March 2024

Debevoise Data Blog

APRIL 26, 2024

Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers, computer scientists and legal experts. 33(2) GDPR relating to the same personal data breach.

Data protection

Data protection e-records Compliance Court

European Data Protection Roundup – April 2023

Debevoise Data Blog

MAY 12, 2023

Key takeaways this April include: UK children’s data protection focus continues: Businesses may wish to review policies and procedures for dealing with children’s data in light of recent UK ICO fines and guidance, especially to ensure that terms of use are adequately enforced. UK ICO fines TikTok £12.7

Data protection

Data protection Software design Machine learning Software

European Data Protection Roundup – September

Debevoise Data Blog

OCTOBER 12, 2021

million fine against Austrian Post for channelling electronic data protection-related inquiries to a web form and not offering an additional email address, irrespective of the data subject option to also use non-electronic postal mail or customer service. These developments, and more, covered below.

Data protection

Data protection Failure-to-appear Compliance e-records

TechTicker Issue 48: Half a decade later, a data protection law is here

Ikigai Law

AUGUST 11, 2023

“If you don’t see me in half a decade, just wait a little longer” – India’s data protection bill ( circa 2018 ) On 9 th August, the Digital Personal Data Protection Bill, 2023 was finally passed in the Parliament. The finish line – the new data bill What stood out?

Data protection

Data protection Law Law

European Data Protection Roundup: 2020 in Five Trends

Debevoise Data Blog

JANUARY 21, 2021

In this post, we look back at the 2020 European data protection landscape and five trends that help companies understand not only where we are, but where data protection enforcement, litigation, and practice may be headed. million against Marriott for its 2018 data breach When you dig deeper though, two key points emerge.

Data protection

Data protection Litigator Litigation Failure-to-appear

Automated Compliance: German start-up Secjur expands into Switzerland

Legal Tech Blog

SEPTEMBER 7, 2023

New data protection laws, increasing regulation, greater risk of cyber attacks: The challenges for entrepreneurs are becoming ever greater. On September 1, a new data protection law (revDSG) has come into force in Switzerland. However, compliance can be largely automated through artificial intelligence.

Compliance

Compliance Data protection Legal tech Legal tech

UK Information Commissioner’s Office Releases New Guidance for Monitoring at Work

Inside Privacy

OCTOBER 17, 2023

On 3 October 2023, the UK Information Commissioner’s Office (“ ICO ”) finalized its Employment practices and data protection − Monitoring workers guidance (“ Guidance ”) to account for new types of work, including work from home, and the use of more sophisticated technologies for monitoring.

Data protection

Data protection Time-tracking Case management Compliance

The EDPB makes its mind up about transfers

Technology Law Dispatch

MARCH 6, 2023

If you can remember as far back as December 2021, we published a blog post announcing that the European Data Protection Board (EDPB) published draft guidelines on the interplay between the territorial scope of the GDPR and the international transfer requirements.

Data protection

Navigating Legal Factors for U.S. Companies Entering the E-commerce Market in Africa

Richmond Journal of Law and Technology

MAY 2, 2023

This blog post delves into the legal considerations that contribute to the success of e-commerce in different African countries and recommends suitable entry points for businesses entering the e-commerce market. and Trade, Consumer Protection , [link] [10] Kenya Info and Commc’n Act (1998), [link] Consumer Prot. 15] Ultimately, U.S.

Data protection

Data protection Compliance Due diligence Law

SEC Information Requests: UK Privacy Regulator Clarifies Position

Debevoise Data Blog

FEBRUARY 8, 2021

As anyone following the fallout from the Court of Justice of the European Union’s decision in Schrems II will know, the GDPR restricts the transfer of personal data to “third countries”, including the U.S., This requires firms to share only personal data that is truly necessary for the stated purpose of the data request.

Data protection

Data protection Compliance Court Law

What is the Biden Administration’s new National Cybersecurity Strategy, and will it mean we can keep TikTok?

Richmond Journal of Law and Technology

APRIL 11, 2023

14] Concerns, interest, and public outcries over data security have been increasing. [15] 15] Increased awareness of companies profiting from lax data security systems and personal information, along with high-profile data breaches, has heightened concerns about cybersecurity in the private sector. [16] Agency: Blog (Mar.

Data protection

Data protection Software Defendant Law

EU Rules Restricting the International Transfers of Non-Personal Data

Inside Privacy

FEBRUARY 1, 2024

In this blog post, we outline the current and forthcoming EU legislation on the international transfer of non-personal data. This blog post was drafted with the contribution of Diane Valat. ) X (Recent Council versions remove this obligation.) We are happy to answer any questions you may have on this topic.

Intellectual Property

Intellectual Property State law Court Compliance

European Data Protection Roundup – October 2023

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection

Data protection Compliance Failure-to-appear e-records

SEC Levies $1 Million Penalty for Allegedly Misleading Cybersecurity Incident Disclosures

Debevoise Data Blog

AUGUST 18, 2021

The penalty resolves charges that Pearson misled investors related to a 2018 data breach. According to the SEC’s Order , on March 21, 2019, Pearson learned that millions of rows of data had been accessed and downloaded by a threat actor exploiting an unpatched security vulnerability. securities issuer.

Data protection

Data protection Software Law Law

China Proposes Draft Measures to Regulate Generative AI

Inside Privacy

APRIL 12, 2023

These requirements cover a wide range of issues that are frequently debated in relation to the governance of generative AI globally, such as data protection, non-discrimination, bias and the quality of training data. This blog post identifies a few highlights of the draft Measures.

Intellectual Property

Intellectual Property Data protection Law Law

Standard contractual clauses need to be updated by 27 December 2022

new tech law blog

DECEMBER 2, 2022

Entities transferring personal data outside the European Economic Area on the basis of standard contractual clauses that are no longer in force (where the transfer began before 27 September 2021) should conclude agreements based on new clauses by 27 December 2022.

Data protection

Data protection Compliance Court

European Data Protection Roundup – August

Debevoise Data Blog

SEPTEMBER 9, 2021

UK High Court dismisses most of the Dixons data breach claim What happened : The UK High Court dismissed various claims against DSG Retail Limited (“DSG”), the owner of Currys PC World and Dixons Travel, relating to a 2017 – 2018 data breach where hackers accessed personal data in the company’s systems.

Data protection

Data protection Court Litigator Litigation

The Challenges That AI Poses for Data Minimization

Debevoise Data Blog

MARCH 17, 2023

To subscribe to the Data Blog, please click here. The cover art used in this blog post was generated by DALL-E.

e-discovery

e-discovery Compliance Litigator Litigation

European Data Protection Roundup – January 2024

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection

Data protection Compliance Court e-records

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Clio

JANUARY 30, 2024

Check out our blog post on understanding HIPAA compliance for more information. GDPR : To help address global needs for enhanced data security, in 2018, Europe introduced a unified data protection law, the General Data Protection Regulations (GDPR). So, it may be a good idea to learn more about GDPR.

Law firm

Law firm Law Law Due diligence

The SEC’s Cybersecurity Priorities for Registered Investment Advisers – Looking Back to Anticipate the Road Ahead

Debevoise Data Blog

MARCH 11, 2021

The recent publication of the SEC’s 2021 Division of Examination Priorities (the “2021 Priorities”) presents an opportunity to look back at the cybersecurity work of the SEC in 2020 and speculate about the SEC’s examination and enforcement priorities for data protection in the coming year for RIAs.

Compliance

Compliance Data protection Attorney

Data Minimization – Recent Enforcement Actions Show Why Some Companies Need to Get Rid of Old Electronic Records

Debevoise Data Blog

FEBRUARY 28, 2022

As cyber threats continue to grow, and consumers gain more privacy rights over their personal data, businesses need robust data minimization programs that can significantly reduce the amount of sensitive data they collect and maintain. The UK Data Protection Act of 2018 has a similar provision.

e-filing

e-filing Compliance Litigator Litigation

For Companies Subject to the GDPR: Five Cybersecurity Takeaways from the ICO’s Ticketmaster Fine

Debevoise Data Blog

NOVEMBER 24, 2020

EU authorities have understandably declined to put forward a single list of mandatory data security controls that apply to all companies subject to the GDPR. million fine imposed by the UK Information Commissioner’s Office (“ICO”) against Ticketmaster for alleged data security failings that exposed customer payment card data.

Data protection

Data protection Compliance Failure-to-appear Software

The Supreme Court’s Decision in Lloyd v Google: What Impact on UK Mass Claims?

Debevoise Data Blog

NOVEMBER 12, 2021

Mr Lloyd alleged that Google breached its duties as a data controller under the Data Protection Act 1998 (“DPA”) when it implemented the ‘Safari Workaround’. Google was initially successful before the first instance judge in 2018. This was reversed by the Court of Appeal in 2019.

Data protection

Data protection Court Judge Litigator

European Data Protection Roundup – September

Debevoise Data Blog

OCTOBER 10, 2022

European Data Protection Roundup – September 2022 Key takeaways this September include: Google Analytics : Continue to assess carefully the use of Google Analytics. What to do : The Danish Data Protection Agency referred entities to the CNIL’s detailed guidance on making Google Analytics GDPR-compliant.

Data protection

Data protection Analytics Software Compliance

European Data Protection Roundup – October

Debevoise Data Blog

NOVEMBER 2, 2022

up to 45 when including the European Economic Area and the 16 German state data protection authorities). In 2018, the U.S. The outcome could have a significant impact on businesses’ potential liability for GDPR infringements and the viability of mass claims. authorised the U.S.

Data protection

Data protection Compliance Machine learning Court

Destruction Emerges as a Powerful Enforcement Measure for AI – FTC Requires Company to Delete Models Trained With Improperly Utilized Consumer Data

Debevoise Data Blog

JANUARY 19, 2021

FTC Commissioner Rohit Chopra remarked in a statement that Commissioners have previously voted to allow data protection law violators to retain algorithms and technologies that derive much of their value from ill-gotten data and that the Everalbum settlement marked an “an important course correction.”

Machine learning

Machine learning Court Data protection Law

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

Berkley Technology Law Journal

NOVEMBER 18, 2022

So if you’re a new entrant and you want to go into competition with those companies, one way to sort of lower the barriers to entry would be that you get access to those data. And, of course, due to our very strict data protection rules, you will not get access to the data without sort of consent of the end users.

Law

Law Law Data protection Court

National Cybersecurity Strategy (Part 1): The White House Urges Private and Public Action

Debevoise Data Blog

MARCH 16, 2023

On March 2, 2023, the White House Office of the National Cyber Director (“ONCD”) released the Biden Administration’s (the “Administration”) long-awaited National Cybersecurity Strategy (the “Strategy”), the first since the Trump Administration’s strategy was issued in September 2018. To subscribe to our Data Blog, click here.

Software

Software Defendant Failure-to-appear Compliance

Legal Tech Connection

European Data Protection Roundup – April 2024

European Data Protection Roundup – March 2024

Trending Sources

European Data Protection Roundup – April 2023

European Data Protection Roundup – September

TechTicker Issue 48: Half a decade later, a data protection law is here

European Data Protection Roundup: 2020 in Five Trends

Automated Compliance: German start-up Secjur expands into Switzerland

UK Information Commissioner’s Office Releases New Guidance for Monitoring at Work

The EDPB makes its mind up about transfers

Navigating Legal Factors for U.S. Companies Entering the E-commerce Market in Africa

SEC Information Requests: UK Privacy Regulator Clarifies Position

What is the Biden Administration’s new National Cybersecurity Strategy, and will it mean we can keep TikTok?

EU Rules Restricting the International Transfers of Non-Personal Data

European Data Protection Roundup – October 2023

SEC Levies $1 Million Penalty for Allegedly Misleading Cybersecurity Incident Disclosures

China Proposes Draft Measures to Regulate Generative AI

Standard contractual clauses need to be updated by 27 December 2022

European Data Protection Roundup – August

The Challenges That AI Poses for Data Minimization

European Data Protection Roundup – January 2024

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

The SEC’s Cybersecurity Priorities for Registered Investment Advisers – Looking Back to Anticipate the Road Ahead

Data Minimization – Recent Enforcement Actions Show Why Some Companies Need to Get Rid of Old Electronic Records

For Companies Subject to the GDPR: Five Cybersecurity Takeaways from the ICO’s Ticketmaster Fine

The Supreme Court’s Decision in Lloyd v Google: What Impact on UK Mass Claims?

European Data Protection Roundup – September

European Data Protection Roundup – October

Destruction Emerges as a Powerful Enforcement Measure for AI – FTC Requires Company to Delete Models Trained With Improperly Utilized Consumer Data

Berkeley Technology Law Journal Podcast: Digital Markets Act with Professor Jürgen Kühling

National Cybersecurity Strategy (Part 1): The White House Urges Private and Public Action

Stay Connected