California Privacy Update: CA Legislature Passes Bills Regulating Health and Genetic Privacy
202009.15
0

California Privacy Update: CA Legislature Passes Bills Regulating Health and Genetic Privacy

The California legislature recently passed several privacy-related bills, including Assembly Bill 713 (AB 713) and Senate Bill 980 (SB 980). AB 713 amends the California Consumer Privacy Act (CCPA) to exempt specific health information from the CCPA. SB 980, or the Genetic Information Privacy Act (the “Act”), creates data privacy and security compliance obligations for…

Swiss Data Commissioner Downgrades U.S. for Inadequate Personal Data Protection
202009.09
0

Swiss Data Commissioner Downgrades U.S. for Inadequate Personal Data Protection

Following a reassessment of the Swiss-U.S. Privacy Shield framework, Adrian Lobsiger, the Federal Data Protection and Information Commissioner of Switzerland (Commissioner), has downgraded the U.S. ranking in terms of its data protection practices. The Commissioner concluded in his policy paper of September 8, 2020, that the Swiss-U.S. Privacy Shield, does not provide “adequate protection under certain circumstances.”  

California Legislature Extends CCPA’s Employee & Business-to-Business Exemptions
202009.02
0

California Legislature Extends CCPA’s Employee & Business-to-Business Exemptions

On August 30, 2020, the California state legislature passed Assembly Bill 1281 (AB-1281), which amends the California Consumer Privacy Act (CCPA) to extend the CCPA’s employee and business-to-business exemptions by one year, until January 1, 2022.  Under these exemptions, businesses subject to the CCPA are not required to comply with the CCPA’s full requirements regarding…

Remote Work: Privacy & Security Best Practices
202008.13
0

Remote Work: Privacy & Security Best Practices

The emergence of COVID-19 has pushed many organizations to implement a remote workforce policy by necessity. While working remotely has its benefits, remote workers can bring added security risks to an organization of any size. Many cybercriminals are targeting remote workers, as the security measures used in remote working environments can be much easier to…

Schrems II: Reactions and Preliminary Guidance from Data Protection Authorities
202007.31
0

Schrems II: Reactions and Preliminary Guidance from Data Protection Authorities

In the wake of the Court of Justice of the European Union’s (CJEU or Court) Schrems II decision invalidating the Privacy Shield but upholding Standard Contractual Clauses (SCCs), many EU Data Protection Authorities (DPAs) have provided initial thoughts and reactions to the decision and indications that guidance from such DPAs will be forthcoming.  Below, we…

Key Takeaways from European Data Protection Board’s Schrems II Guidance
202007.30
0

Key Takeaways from European Data Protection Board’s Schrems II Guidance

Roughly a week after the Court of Justice of the European Union’s (CJEU or Court) Schrems II decision was released, the European Data Protection Board (EDPB) published Guidance addressing some frequently asked questions received by Data Protection Authorities (DPAs).  Key points from the EDPB’s Guidance include the following: Implications on Other Transfer Mechanisms.  The threshold…

EU High Court Invalidates Privacy Shield, SCC’s Survive (for Now):  What Organizations Seeking to Transfer EU Personal Data to the U.S. (and Elsewhere) Should Do Next
202007.17
0

EU High Court Invalidates Privacy Shield, SCC’s Survive (for Now): What Organizations Seeking to Transfer EU Personal Data to the U.S. (and Elsewhere) Should Do Next

Yesterday, the Court of Justice of the European Union (“CJEU” or “Court”) reached a landmark decision in the Schrems II case (case C-311/18) (the “Schrems II Decision”) invalidating the EU-U.S. Privacy Shield framework.  The following are our top takeaways from the CJEU’s decision: Invalidation of the Privacy Shield in its entirety, effective immediately.  The CJEU…

Mitigating Vendor Privacy & Security Risks During Pandemic
202006.22
0

Mitigating Vendor Privacy & Security Risks During Pandemic

In the wake of COVID-19, many organizations found themselves transitioning to the remote world of telework. Just months later, as states begin lifting precautionary stay-at-home orders, organizations find themselves straddling the transition back to work-as-usual in a COVID-19 conscious world, as well as balancing continued telework operations. As organizations strive to reboot day-to-day physical operations,…

Growth of Online Meeting Platforms and Online Security Issues
202006.12
0

Growth of Online Meeting Platforms and Online Security Issues

Online meeting platform use has surged due to events that have unfolded over the past few months, making digital communication an integral part of many day to day business operations.  Many organizations discovered that online meeting platforms can provide a convenient form of communication and collaboration between team members operating in telework environments. However, along…

202006.03
0

U.S. Return to Work Checklist

Click here to access our U.S. Return to Work Checklist addressing workplace safety obligations, anti-discrimination obligations, employee accommodation and leave obligations, data protection and privacy obligations, and record retention obligations for employers as they bring employees back to work as state “Stay at Home” orders related to COVID-19 are lifted.

The CPRA Ballot Initiative: Is It Time to Begin Preparing for CCPA 2.0?
202006.02
0

The CPRA Ballot Initiative: Is It Time to Begin Preparing for CCPA 2.0?

in CCPA

California citizens will most likely be asked to vote this November on a new privacy protection ballot initiative—the California Privacy Rights Act (“CPRA,” aka “CCPA 2.0”).  This latest measure aims to more closely mirror the EU’s General Data Protection Regulation (“GDPR”) by establishing broader consumer privacy rights than the current California Consumer Privacy Act (“CCPA”)…

COVID-19 Will Not Delay Enforcement of the CCPA Act
202005.12
0

COVID-19 Will Not Delay Enforcement of the CCPA Act

California’s Attorney General, Xavier Becerra (the AG), has no plans to delay enforcement of the California Consumer Protection Act (CCPA or the Act) during the COVID-19 public health emergency. Although the CCPA went into effect on January 1, 2020, the statute does not authorize enforcement of the Act to begin until July 1, 2020, or…