Consistent with recent expansions to state data breach notification laws, Colorado recently enacted an expanded data privacy law that strengthens the state’s existing breach notification law and that requires policies and procedures concerning the … [Read more] about Colorado Enacts Expanded Data Breach Notification Law
In early May, a group called Californians for Consumer Privacy gathered enough signatures for the Consumer Right to Privacy Act (CRPA) to qualify for the November 2018 ballot. The ballot initiative builds on existing California laws directed at … [Read more] about Momentum Building for California’s Consumer Right to Privacy Act Ballot Initiative
The GDPR entered into force on May 25, 2018. One of the GDPR’s core going-forward obligations is the duty to conduct Data Protection Impact Assessments (DPIAs) over processing activities that create a “high risk” to individuals’ privacy. DPIAs … [Read more] about German DPAs Issue DPIA Blacklists; Many Companies Likely to be Affected
The GDPR entered into force on May 25, 2018. One of the GDPR’s core going-forward obligations is the duty to conduct Data Protection Impact Assessments (DPIAs) over processing activities that create a “high risk” to individuals’ privacy. DPIAs … [Read more] about On GDPR Day, Austrian DPA issues First Binding DPIA Whitelist
The Georgia Court of Appeals recently reaffirmed its prior conclusion that there is no duty to safeguard personal information under Georgia law. In McConnell v. Ga. Dep’t of Labor, --- S.E.2d ----, 2018 WL 2173252 (Ga. App. May 11, 2018), the Court … [Read more] about Georgia Court of Appeals Reaffirms Lack of Duty to Safeguard Personal Information