
The DELETE Act (SB 362) has passed the California Legislature and is awaiting Governor Gavin Newsom’s signature.
What do you need to know?
You may be a data broker without
Continue Reading California Is Going for Broke(r)The Latest Developments in Global Data Privacy Law, and Data Breach Prevention and Response
The DELETE Act (SB 362) has passed the California Legislature and is awaiting Governor Gavin Newsom’s signature.
What do you need to know?
You may be a data broker without…
Continue Reading California Is Going for Broke(r)Do new U.S. state laws require you to do a DPIA?
Some pointers:
Why is the new noyb action against websites and data brokers regarding cookie-based authentication important for compliance with the new U.S. privacy laws?
Because they set out to equivocally confirm…
Continue Reading To Best Comply With US Privacy Laws, It Can Be Helpful to Look to Europe“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.
I recently participated in…
Continue Reading US Privacy Laws and Legislation: What You Need to KnowThe California Privacy Protection Agency (CPPA) has issued a Final Statement of Reasons for amended California Consumer Privacy (CCPA) regulations.
Key Points:
The amendments were “necessary” (used 135 times), just…
Continue Reading CPPA Issues Final Statement of Reasons for Amended CCPA RegulationsIf you are a GDPR-compliant company, does that mean you can start doing business in the United States with no additional thoughts about privacy?
As Simon Cowell says: “It’s a…
Continue Reading What Does the EU-US “Draftequacy” Decision Mean for Companies Right Now?You need a data retention plan. No really.
And not just in the European Union. In California too.
Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform…
Continue Reading Make Sure You Have a Good Data Retention Plan. You Need It.For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.
That was a key facet of what I discussed last week on an anonymization panel during the IAPP…
Continue Reading Deidentification vs Anonymization: What Is Enough?Employers should have in place a process to delete former employees’ information – including public facing information and photos – to meet their retention limitation requirements, according to the Belgian…
Continue Reading Caveat Employer? In the EU and California, Employers Must Beware!After the recent Court of Justice of the European Union decision on sensitive inferences that can be drawn from the name of your spouse, it is fair to ask: Is…
Continue Reading Is Everything Sensitive Data?