Under a Vermont law, data brokers that process information regarding Vermont residents are now subject to registration and security requirements beginning January 1, 2019. Included in the new law are three notable components: (1) a broad statutory … [Read more] about Vermont Passes New Data Broker Law
On June 12, 2018, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) passed a resolution calling on the European Commission to suspend the EU-U.S. Privacy Shield unless the U.S. fully complies with the framework’s … [Read more] about European Parliament’s Civil Liberties Committee Targets EU-U.S. Privacy Shield, Cloud Act
Consistent with recent expansions to state data breach notification laws, Colorado recently enacted an expanded data privacy law that strengthens the state’s existing breach notification law and that requires policies and procedures concerning the … [Read more] about Colorado Enacts Expanded Data Breach Notification Law
In early May, a group called Californians for Consumer Privacy gathered enough signatures for the Consumer Right to Privacy Act (CRPA) to qualify for the November 2018 ballot. The ballot initiative builds on existing California laws directed at … [Read more] about Momentum Building for California’s Consumer Right to Privacy Act Ballot Initiative
The GDPR entered into force on May 25, 2018. One of the GDPR’s core going-forward obligations is the duty to conduct Data Protection Impact Assessments (DPIAs) over processing activities that create a “high risk” to individuals’ privacy. DPIAs … [Read more] about German DPAs Issue DPIA Blacklists; Many Companies Likely to be Affected