The emergence of COVID-19 has pushed many organizations to implement a remote workforce policy by necessity. While working remotely has its benefits, remote workers can bring added security risks to an organization of any size. Many cybercriminals are targeting remote workers, as the security measures used in remote working environments can be much easier to…
In the wake of the Court of Justice of the European Union’s (CJEU or Court) Schrems II decision invalidating the Privacy Shield but upholding Standard Contractual Clauses (SCCs), many EU Data Protection Authorities (DPAs) have provided initial thoughts and reactions to the decision and indications that guidance from such DPAs will be forthcoming. Below, we…
Roughly a week after the Court of Justice of the European Union’s (CJEU or Court) Schrems II decision was released, the European Data Protection Board (EDPB) published Guidance addressing some frequently asked questions received by Data Protection Authorities (DPAs). Key points from the EDPB’s Guidance include the following: Implications on Other Transfer Mechanisms. The threshold…
Yesterday, the Court of Justice of the European Union (“CJEU” or “Court”) reached a landmark decision in the Schrems II case (case C-311/18) (the “Schrems II Decision”) invalidating the EU-U.S. Privacy Shield framework. The following are our top takeaways from the CJEU’s decision: Invalidation of the Privacy Shield in its entirety, effective immediately. The CJEU…
In the wake of COVID-19, many organizations found themselves transitioning to the remote world of telework. Just months later, as states begin lifting precautionary stay-at-home orders, organizations find themselves straddling the transition back to work-as-usual in a COVID-19 conscious world, as well as balancing continued telework operations. As organizations strive to reboot day-to-day physical operations,…
Online meeting platform use has surged due to events that have unfolded over the past few months, making digital communication an integral part of many day to day business operations. Many organizations discovered that online meeting platforms can provide a convenient form of communication and collaboration between team members operating in telework environments. However, along…
Click here to access our U.S. Return to Work Checklist addressing workplace safety obligations, anti-discrimination obligations, employee accommodation and leave obligations, data protection and privacy obligations, and record retention obligations for employers as they bring employees back to work as state “Stay at Home” orders related to COVID-19 are lifted.
California citizens will most likely be asked to vote this November on a new privacy protection ballot initiative—the California Privacy Rights Act (“CPRA,” aka “CCPA 2.0”). This latest measure aims to more closely mirror the EU’s General Data Protection Regulation (“GDPR”) by establishing broader consumer privacy rights than the current California Consumer Privacy Act (“CCPA”)…
California’s Attorney General, Xavier Becerra (the AG), has no plans to delay enforcement of the California Consumer Protection Act (CCPA or the Act) during the COVID-19 public health emergency. Although the CCPA went into effect on January 1, 2020, the statute does not authorize enforcement of the Act to begin until July 1, 2020, or…
On April 30, 2020, Senator Roger Wicker (R-Miss.), chairman of the U.S. Senate Committee on Commerce, Science, and Transportation announced his plan to introduce the “COVID-19 Consumer Data Protection Act.” The bill, which is co-sponsored by three Republican Senators—Senator John Thune (R-S.D.), Senator Jerry Moran (R-Kan.), and Senator Marsha Blackburn (R-Tenn.)—aims to protect consumer geolocation…
LinkedIn is challenging the U.S. Court of Appeals for the Ninth Circuit’s September ruling that the data aggregation and analytics company, hiQ Labs, Inc., can “scrape” personal data of users from LinkedIn’s platform, analyze the data, and sell its findings to employers. Earlier this month, the Supreme Court granted an extension for LinkedIn to submit…
Laura Clark Fey presented Lessons Learned from Recent Data Breaches & Ten Critical Steps to Reduce Your Organization’s Risk of Becoming the Next Data Breach Victim at the IMA Kansas City Fall Conference, on October 25, 2019, at Parkville, Missouri. Huge data breaches continue to make headlines. Billions of personal data records have been breached…
(913)948-6300 
