Alston & Bird Privacy, Cyber & Data Strategy Blog

Privacy & Cyber Regulatory Enforcement

To Delete or Not to Delete: Can 23andMe Really Sell Genetic Data Via Bankruptcy?

By , , , , and

On March 23, 2025, 23andMe Holding Co. (“23andMe”) filed for bankruptcy in the Eastern District of Missouri, potentially setting in motion the sale of genetic data collected from more than 15 million people.  This has led to news outlets and state Attorneys General encouraging consumers to delete their 23andMe data before it is sold as […]

European Commission Moves to Extend Free Flows of Personal Data to the UK

By and

On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK to continue until December 2025. The existing adequacy decision – which was adopted in 2021 in […]

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

By and

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch). The BDPA reviewed its original guidance to help companies from all sectors navigate applicable EU privacy and data protection law requirements […]

Key Takeaways from CPPA’s Recent Settlement with an Automotive Manufacturer for Alleged CCPA Violations

By and

On March 12, 2025, the California Privacy Protection Agency (CPPA) published its decision approving a Stipulated Final Order (Order) against a major automotive manufacturer (company) for violations of the California Consumer Privacy Act (CCPA).  The Order requires the company to pay a $632,500 fine and implement several changes to its data handling practices. These changes […]

Peter Swire’s Work Recognized by IAPP

By and

  The International Association of Privacy Professionals (IAPP) recently recognized Alston & Bird Senior Counsel Peter Swire as part of the IAPP’s “25 Leaders, 25 Moments at 25 Years” series. The IAPP, an organization with over 80,000 professionals around the globe, recognized Peter for his work writing the IAPP’s first textbook on U.S. privacy law. […]