USA

Virginia is the latest state to adopt a consumer privacy law, with the Virginia Consumer Data Protection Act (CDPA) signed by the governor in early March. The bill adopts some of the terms seen in the California Privacy Rights Act (CPRA), most notably regarding the collection of sensitive personal data…

If you’ve ever struggled through a maze of online customer service to cancel a subscription or delete an account, you’ve likely encountered “dark patterns” — user interfaces that are designed to trick and frustrate users. The concept was coined in 2010 but is slowly being addressed in US legislation, with California…

COVID-19 may have slowed down business, but it hasn’t slowed down time. Meeting the deadlines to demonstrate compliance with cybersecurity regulations and certification standards under pandemic conditions is proving to be a challenge for some companies. A survey of 100 North American CISOs that was conducted last June and whose findings were…

Last week, California’s Attorney General Xavier Becerra testified before the U.S. Senate Committee on Commerce, Science, and Transportation in a hearing entitled, “Revisiting the Need for Data Privacy Legislation”. Becerra’s testimony included a request that the Senate not preempt the California Consumer Privacy Act (“CCPA”) by passing a federal data privacy law. A new…

More than half of enterprises have no intention of ceasing or reducing their reliance on US-based or non-European Economic Area (EEA) data processors despite the Schrems II ruling, a survey conducted by legal experts at Fieldfisher has found. Of the 138 anonymous responses received from enterprises, about 75% indicated that half or…

The U.S. Setting an American Framework to Ensure Data Access, Transparency, and Accountability Act (SAFE DATA) represents the latest stage of evolution in omnibus federal privacy legislation. The bill is sponsored by Sen. Roger Wicker, R-Miss., who chairs the Senate Committee on Commerce, Science, & Transportation, and co-sponsored by several other…

The Wall Street Journal reported Sept. 9 that Ireland’s Data Protection Commissioner issued a preliminary order that Facebook must stop transferring user data to the U.S. The order, which was reported based on anonymous sources “according to people familiar with the matter,” follows the Court of Justice of the European Union’s ruling…

September 16, 12:00p.m. – 1:00p.m. The legal and ethical need to protect personally sensitive data is well understood. Equally, the extra-territorial reach of the EU’s GDPR legislation and the trans-Atlantic Privacy Shield agreement have been part of the recent landscape for doing business. However, COVID notwithstanding, this year is upsetting…

This issue is a big deal, but one that comes as little surprise to those following subject.  As you may have already heard, the Court of Justice of the European Union (ECJ) recently ruled that the current data transfer agreement between the European Union and the United States known as the…

The country needs to pass federal privacy legislation to establish a national standard for individual rights. Today, too many state laws exist, creating confusion and duplication. We need to create a national standard that would apply to all businesses and organizations. By not having a national standard, we miss the…