Data protection and Definition - Legal Tech Connection

Data Protection in the Workplace: Employer Guidance

Legal IT Group

SEPTEMBER 19, 2023

For example, in 2020, the Data Protection Authority of Hamburg imposed a 35.3 This fact became known when the H&M servers encountered a technical error, and the data on the network drive became accessible to all employees for a few hours. Read more about employer monitoring and data protection in our previous article.

Data protection

Data protection Compliance e-records Law

UK Data Protection Bill No.2 – What is changed?

Technology Law Dispatch

MARCH 24, 2023

On 8 March 2023, the UK government presented a new version of the UK Data Protection and Digital Information Bill No.2. As with the previous bill, the new bill aims to alleviate the burden of compliance with the UK GDPR and its implementing UK Data Protection Act (2018) for organisations in the UK.

Data protection

Data protection Failure-to-appear Compliance Software

“Bossware” under labour and data protection law

new tech law blog

JANUARY 2, 2023

In this regard, we describe below what they should take under consideration in light of Polish labour law and data protection law. Therefore, implementation and exploitation of such solutions by the employer (as a controller of employee data) must be done in compliance with the rules for processing of personal data under Art.

Data protection

Data protection Law Law Time-tracking

Summary of the Digital Personal Data Protection Bill, 2023

Ikigai Law

AUGUST 3, 2023

Our summary of the Digital Personal Data Protection Bill, 2023 The Digital Personal Data Protection Bill, 2023 ( 2023 Bill ) was tabled in Parliament on 3 August 2023. It is the fifth – and likely final – iteration of India’s efforts to formulate a personal data protection law.

Data protection

Data protection Compliance e-filing Hearing

“Reject All” button in cookie consent banners – An update from the UK and the EU

Technology Law Dispatch

NOVEMBER 8, 2023

There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required. This is more likely be compliant with data protection law, as firms will be better placed to demonstrate that the user has a genuine free choice.“

Data protection

Data protection Compliance Court Law

A “light touch” approach to AI regulation in the UK

Technology Law Dispatch

APRIL 18, 2023

The UK government advocates for AI that is “trustworthy”, with proportionate controls on sensitive technology, and with data used responsibly. ICO’s updated guidance on AI and Data Protection The ICO issued updated its guidance on AI and Data Protection following requests to clarify requirements for fairness in AI.

Data protection

Data protection Compliance

Texas Passes Data Privacy and Security Act

Inside Privacy

MAY 30, 2023

Under the Act, processors must assist controllers in meeting their obligations, including responding to consumer requests and conducting data protection assessments. The Act also requires controllers to implement opt-out preference signals by January 1, 2025.

Data protection

Data protection Attorney Law Law

The FCC Expands Scope of Data Breach Notification Rules

Inside Privacy

JANUARY 4, 2024

In late December 2023, the Federal Communications Commission (“FCC”) published a Report and Order (“Order”) expanding the scope of the data breach notification rules (“Rules”) applicable to telecommunications carriers and interconnected VoIP (“iVoIP”) providers. state data breach notification laws, which have a similar good faith exceptions.

Data protection

Data protection Federal law State law Law

Overhaul of the Australian Privacy Act

Legal IT Group

JANUARY 22, 2024

With this regard, it is essential to know about the privacy legislation of this country since, nowadays, most internet businesses process the personal data of their clients, and they should do it in compliance with data protection laws. ” Thus, the Australian Privacy Act also aims to have a GDPR level of data protection.

Data protection

Data protection Compliance Litigator Litigation

Connecticut Legislature Passes Amendments to the Connecticut Data Privacy Act

Inside Privacy

JUNE 15, 2023

It would define consumer health data as “any personal data that a controller uses to identify a consumer’s physical or mental health condition or diagnosis, and includes, but is not limited to, gender-affirming health data and reproductive or sexual health data.” Consumer Health Data Requirements.

Data protection

Italian Garante Issues Guidance on the Use of AI in the Context of National Healthcare Services

Inside Privacy

NOVEMBER 8, 2023

On October 12, 2023 the Italian Data Protection Authority (“Garante”) published guidance on the use of AI in healthcare services (“Guidance”). Accountability, definition of roles and privacy by design and by default The Garante stresses the importance of the principles of privacy by design and by default, connected with accountability.

Data protection

Data protection Case law Law Law

Protection of personal data in Brazil: differences in the scope of the LGPD and the new penal practice

Legal IT Group

SEPTEMBER 29, 2023

Brazil’s Lei Geral de Proteção de Dados Pessoais (or LGPD), similar to GDPR, CCPA and PIPEDA, regulates personal data protection. If the company does not process personal data in Brazil but still processes data to offer or supply goods or services to Brazil, the LGPD also applies in this case. Apparently not.

Data protection

Data protection Compliance Court Law

Key Points Regarding the DPC Decision Against Meta

Inside Privacy

JUNE 1, 2023

It has been well-publicized that the Irish Data Protection Commission (“DPC”) has imposed a record €1.2 billion fine and corrective measures under the GDPR against Meta Ireland (“Meta”) in a long-running dispute relating to cross-border data transfers and the EU standard contractual clauses (“SCCs”).

Data protection

Data protection Court Compliance Hearing

Indiana Passes Comprehensive Privacy Statute

Inside Privacy

APRIL 18, 2023

5 limits its definition of “profiling” to “solely automated processing.” Sensitive Data: Controllers must obtain consent before processing a consumer’s sensitive data. Notably, S.B. identifies a consumer within a radius of 1,750 ft.). Controller & Processor Contracts: S.B. 5 uses the terms “controller” and “processor.”

Data protection

Data protection Attorney Law Law

Now on my Go-To List: MS Copilot Offers Free, Protected Access to Latest GPT-4 Turbo & DALL-E 3 Image Generation

Wisblawg

JANUARY 2, 2024

Microsoft recently announced that Copilot with commercial data protection will be available to all faculty and higher education students ages 18 and above. This looks especially intriguing for productivity improvement but at $30 per month is definitely not free.

Data protection

EDPB Issues Draft Guidelines on Technical Scope of ePrivacy Directive Storage and Access Rules

Inside Privacy

NOVEMBER 20, 2023

On November 16, 2023, the European Data Protection Board (“EDPB”) issued draft Guidelines 2/2023 on Technical Scope of Art. 5(3) of ePrivacy Directive (“Guidelines”). Article 5(3) is the provision that requires consent before storing or accessing information on an end user’s device.

Time-tracking

Time-tracking Data protection Software Law

What the GDPR Can Tell Us About State Privacy Laws

Debevoise Data Blog

NOVEMBER 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. When Are Data Protection Assessments Required? Recently, a number of U.S. Recently, a number of U.S.

Data protection

Data protection Law Law Compliance

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

Debevoise Data Blog

OCTOBER 31, 2023

Seven Takeaways from the Response Paper The definition of AI is a key gating question. The definition of “artificial intelligence” has been a contentious point in multiple AI legislative processes – including the draft EU AI Act – and it appears that the UK Financial Authorities could face similar challenges.

Compliance

Compliance Due diligence Machine learning Data protection

European Data Protection Roundup – February

Debevoise Data Blog

MARCH 26, 2023

As multi-jurisdiction data protection concerns expand and opportunities to rely on a lead supervisory authority may narrow , the EDPB is emphasising consistency of decisions between national supervisory authorities through, among other measures, the development of approval procedures that require a cooperation phase and the creation of task forces.

Data protection

Data protection Compliance Court Law

Best Law Firm Websites of 2023

Lawyerist

MARCH 2, 2023

This year, sites spanned Data Protection, Mergers & Acquisitions, Family Law, and Personal Injury, and more. Cybernetic Law Designer: G Digital Cybernetic Law definitely has its ideal client in mind with the design. The Best Law Firm Websites Contest of 2023 saw entrants from all over the world and practice areas.

Law firm

Law firm Law Law Data protection

European Data Protection Roundup – October 2023

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection

Data protection Compliance Failure-to-appear e-records

China Proposes Draft Measures to Regulate Generative AI

Inside Privacy

APRIL 12, 2023

These requirements cover a wide range of issues that are frequently debated in relation to the governance of generative AI globally, such as data protection, non-discrimination, bias and the quality of training data. This blog post identifies a few highlights of the draft Measures.

Intellectual Property

Intellectual Property Data protection Law Law

European Data Protection Roundup – November 2023

Debevoise Data Blog

DECEMBER 22, 2023

For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space. In particular, the paper recommends the use of internal data access controls, regular auditing of data security measures, and the use of data protection impact assessments.

Data protection

Data protection Time-tracking Compliance Machine learning

UK Government Adopts a “Pro-Innovation” Approach to AI Regulation

Inside Privacy

APRIL 24, 2023

For example, in October 2022, the Bank of England and Financial Conduct Authority (“FCA”) jointly released a Discussion Paper on Artificial Intelligence and Machine Learning considering how AI in financial services should be regulated and, in March 2023, the ICO updated its Guidance on AI and Data Protection.

Intellectual Property

Intellectual Property Data protection Machine learning Compliance

The Arrival of 2023 U.S. State Privacy Laws – Part 2: Colorado Update

Debevoise Data Blog

FEBRUARY 6, 2023

Under ColoPA, “publicly available” information is excluded from its definition of personal data. We recently noted this provision echoes similar consent requirements in the General Data Protection Regulation (“GDPR”). Additionally, consumers must be able to withdraw consent at any given time. Dark Patterns Forbidden.

Data protection

Data protection Hearing Law Law

Lawyers and Cybersecurity: Security By Obscurity Is Not Security

Legal Tech Monitor

MAY 3, 2023

To truly safeguard our digital assets, we need to employ multiple layers of data protection But [having strong passwords] is not enough. Hackers are becoming more sophisticated in their tactics, and relying solely on passwords for protection is like leaving your front door unlocked in a high-crime area.

Lawyer

Lawyer Data protection Time-tracking

Lawyers and Cybersecurity: Security By Obscurity Is Not Security

TechLaw Crossroads

MAY 3, 2023

To truly safeguard our digital assets, we need to employ multiple layers of data protection But [having strong passwords] is not enough. Hackers are becoming more sophisticated in their tactics, and relying solely on passwords for protection is like leaving your front door unlocked in a high-crime area. It’s just an illusion.

Lawyer

Lawyer Data protection Time-tracking

CJEU’s Advocate General Issues Opinion on Concept of Controller, Joint Controller, Processor, and Administrative Fines

Inside Privacy

MAY 15, 2023

3) Does the definition of “processing” provided in Article 4(2) GDPR cover a situation where personal data are used during the test phase of a mobile application? The definition of “processing” covers using personal data to test a mobile application.

Court

Court Data protection

California’s Age-Appropriate Design Code Act Expands Businesses’ Privacy Obligations Regarding Minors

Debevoise Data Blog

SEPTEMBER 19, 2022

Governor Newsom stated that he is “thankful to Assemblymembers Wicks and Cunningham and the tech industry for pushing these protections and putting the wellbeing of our kids first.” Notable affirmative obligations include: Data Protection Impact Assessments (“DPIAs”). Definition of “Child” Under age 18. Under age 18.

Data protection

Data protection Compliance Time-tracking Attorney

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

In prior posts, we have written about the evolving state privacy law landscape, including how to prepare for state privacy laws coming into effect in 2023 here ; various aspects of the CCPA and CPRA, including here and here ; and the Virginia Consumer Data Protection Act (“VCDPA”) here. UCPA § 13-61-103(31)(b)(iii).

Law

Law Law Data protection Attorney

Virginia Enacts a Comprehensive Privacy Law – Similarities and Differences Among VCDPA, CCPA and GDPR

Debevoise Data Blog

MARCH 4, 2021

state with a comprehensive privacy law, with Governor Ralph Northam’s signing of the Virginia Consumer Data Protection Act (“VCDPA”) on March 2, 2021. law in the direction of its overseas cousin, the European Union’s General Data Protection Regulation (“GDPR”). What data is covered by VCDPA? It also pulls U.S.

Data protection

Data protection Law Law Compliance

Key Takeaways from China’s Finalized Generative Artificial Intelligence Measures

Inside Privacy

JULY 14, 2023

These topics range from AI governance, training data, tagging and labeling to data protection and user rights. As the first comprehensive AI regulation in China, the Measures cover a wide range of topics touching upon how Generative AI Services are developed and how such services can be offered.

Intellectual Property

Intellectual Property Data protection Law Law

What is the Biden Administration’s new National Cybersecurity Strategy, and will it mean we can keep TikTok?

Richmond Journal of Law and Technology

APRIL 11, 2023

14] Concerns, interest, and public outcries over data security have been increasing. [15] 15] Increased awareness of companies profiting from lax data security systems and personal information, along with high-profile data breaches, has heightened concerns about cybersecurity in the private sector. [16] Amazon.com, Inc.,

Data protection

Data protection Software Defendant Law

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Debevoise Data Blog

DECEMBER 1, 2021

Addressing the medical privacy essentials: HIPPA and the new challenges posed by the rise of telemedicine, especially during the Covid-19 pandemic, this chapter closely examines medical privacy and it contains helpful practice notes pertaining to HIPPA’s intricate definitions and requirements. practitioners: European Union, the U.K.,

Law

Law Law Data protection Litigator

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

And I think, really, really have to educate and continuously, you know, alert employees to this, you know, made sure there’s, you know, safe document destruction when data is done, you know, we all print out documents to read them as lawyers. So I definitely think data. I mentioned employee errors, but also insider threats.

Law firm

Law firm Time-tracking Due diligence Attorney

Importance of Recurring Payment for Law Firms

MatterSuite

JANUARY 9, 2024

Let’s delve into the various aspects of recurring payments, from their definitions to the advantages they bring to law firms. Topics will include encryption standards, compliance with data protection regulations, and the importance of selecting secure payment gateways.

Law firm

Law firm Law Law Time-tracking

CCPA Enforcement Actions Take Aim at Sales of Personal Information

Debevoise Data Blog

SEPTEMBER 14, 2022

Together with the California Attorney General’s prior enforcement examples , these enforcement examples shed light on how the California Attorney General views the definition of a “sale” under the CCPA, and suggest compliance steps that businesses might consider undertaking to mitigate enforcement risks.

Analytics

Analytics Compliance Failure-to-appear Attorney

Importance of Recurring Payment for Law Firms

MatterSuite

JANUARY 9, 2024

Let’s delve into the various aspects of recurring payments, from their definitions to the advantages they bring to law firms. Topics will include encryption standards, compliance with data protection regulations, and the importance of selecting secure payment gateways.

Law firm

Law firm Law Law Time-tracking

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Clio

JANUARY 30, 2024

GDPR : To help address global needs for enhanced data security, in 2018, Europe introduced a unified data protection law, the General Data Protection Regulations (GDPR). To ensure your provider will do you more good than harm with your data, carefully vet potential vendors.

Law firm

Law firm Law Law Due diligence

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Like the CCPA/CPRA and ColoPA, the CTPA defines “sale” to include the exchange of data for monetary or other valuable consideration. This contrasts with the VCDPA’s and the UCPA’s definition of “sale,” which is limited to an exchange of personal data for only monetary consideration. CTPA § 1(26). CTPA §§ 1(27) & 6(a)(4).

Law

Law Law Compliance Attorney

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

state privacy law, including updates to the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”), the Colorado Protect Personal Data Privacy Act (“ColoPA”), the Connecticut Privacy Act (“CTPA”), the Virginia Consumer Data Protection Act (“VCDPA”), and the Utah Consumer Privacy Act (“UCPA”).

State law

State law Federal law Compliance Data protection

Richard Susskind + Mark Cohen on Digital Transformation + Legal Tech

Ron Friedmann

JULY 30, 2020

Mark on Digital Transformation for 10 Minutes “Digital transformation” is often uttered but has not definition in the legal market. How can law firms square privacy and data protection with more data analytics? But lawyers still are happy to delegate the tech. Like Uber, it would have ratings of providers.

Legal tech

Legal tech Legal tech Law firm Lawyer

Tech Ticker Issue 42: January 2023

Ikigai Law

FEBRUARY 9, 2023

Largely, the government is open to comments from stakeholders on the definition of ‘online games’ and other issues. Other bills that might be discussed include the draft Digital Personal Data Protection Bill and the Telecommunication Bill. A consultation, extension and a few days later – attempt to censor fact check?

Due diligence

Due diligence Data protection Hearing Compliance

Overview of Global AI Regulatory Developments and Some Tips to Reduce Risk

Debevoise Data Blog

MAY 2, 2023

This includes the definition of “high-impact” AI and the list of AI use cases that would be banned outright. These include transparency requirements and risk-management systems that identify, assess, and mitigate the risks of harm from high-impact AI systems.

Compliance

Compliance Time-tracking Data protection Law

Data Protection in the Workplace: Employer Guidance

UK Data Protection Bill No.2 – What is changed?

Trending Sources

“Bossware” under labour and data protection law

Summary of the Digital Personal Data Protection Bill, 2023

“Reject All” button in cookie consent banners – An update from the UK and the EU

A “light touch” approach to AI regulation in the UK

Texas Passes Data Privacy and Security Act

The FCC Expands Scope of Data Breach Notification Rules

Overhaul of the Australian Privacy Act

Connecticut Legislature Passes Amendments to the Connecticut Data Privacy Act

Italian Garante Issues Guidance on the Use of AI in the Context of National Healthcare Services

Protection of personal data in Brazil: differences in the scope of the LGPD and the new penal practice

Key Points Regarding the DPC Decision Against Meta

Indiana Passes Comprehensive Privacy Statute

Now on my Go-To List: MS Copilot Offers Free, Protected Access to Latest GPT-4 Turbo & DALL-E 3 Image Generation

EDPB Issues Draft Guidelines on Technical Scope of ePrivacy Directive Storage and Access Rules

What the GDPR Can Tell Us About State Privacy Laws

UK Financial Regulators Publish Response to AI Consultation – Seven Takeaways

European Data Protection Roundup – February

Best Law Firm Websites of 2023

European Data Protection Roundup – October 2023

China Proposes Draft Measures to Regulate Generative AI

European Data Protection Roundup – November 2023

UK Government Adopts a “Pro-Innovation” Approach to AI Regulation

The Arrival of 2023 U.S. State Privacy Laws – Part 2: Colorado Update

Lawyers and Cybersecurity: Security By Obscurity Is Not Security

Lawyers and Cybersecurity: Security By Obscurity Is Not Security

CJEU’s Advocate General Issues Opinion on Concept of Controller, Joint Controller, Processor, and Administrative Fines

California’s Age-Appropriate Design Code Act Expands Businesses’ Privacy Obligations Regarding Minors

Utah Joins the Comprehensive State Privacy Law Club

Virginia Enacts a Comprehensive Privacy Law – Similarities and Differences Among VCDPA, CCPA and GDPR

Key Takeaways from China’s Finalized Generative Artificial Intelligence Measures

What is the Biden Administration’s new National Cybersecurity Strategy, and will it mean we can keep TikTok?

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Importance of Recurring Payment for Law Firms

CCPA Enforcement Actions Take Aim at Sales of Personal Information

Importance of Recurring Payment for Law Firms

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Connecticut’s Next Generation Data Privacy Law

What the ADPPA Means for U.S. Data Regulation

Richard Susskind + Mark Cohen on Digital Transformation + Legal Tech

Tech Ticker Issue 42: January 2023

Overview of Global AI Regulatory Developments and Some Tips to Reduce Risk

Stay Connected