Are you over 18 and want to see adult content?
More Annotations
A complete backup of http://hotscopes.com/
Are you over 18 and want to see adult content?
A complete backup of https://christchurchconstantia.weebly.com/
Are you over 18 and want to see adult content?
A complete backup of https://site-stats.org/peliculas3d.net/
Are you over 18 and want to see adult content?
A complete backup of http://uis.unesco.org/fr/country/tn
Are you over 18 and want to see adult content?
A complete backup of https://www.babeshows.co.uk/forumdisplay.php?fid=368
Are you over 18 and want to see adult content?
A complete backup of https://www.reddit.com/domain/u.jimdo.com/
Are you over 18 and want to see adult content?
A complete backup of https://worldmusic.net/
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of https://pringlescotland.com
Are you over 18 and want to see adult content?
A complete backup of https://lelievreparis.com
Are you over 18 and want to see adult content?
A complete backup of https://gubernia.com
Are you over 18 and want to see adult content?
A complete backup of https://healthpulls.com
Are you over 18 and want to see adult content?
A complete backup of https://johnprine.com
Are you over 18 and want to see adult content?
A complete backup of https://neatline.org
Are you over 18 and want to see adult content?
A complete backup of https://careerjimmy.com
Are you over 18 and want to see adult content?
A complete backup of https://sadtohappyproject.com
Are you over 18 and want to see adult content?
A complete backup of https://tirant.com
Are you over 18 and want to see adult content?
A complete backup of https://legrandmagasindeputeaux.com
Are you over 18 and want to see adult content?
A complete backup of https://financenewsworld.com
Are you over 18 and want to see adult content?
Text
INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially EUROPEAN COMMISSION PUBLISHES NEW STANDARD CONTRACTUAL Today, June 4 th, 2021, the European Commission (“Commission”) published the final version of its new standard contractual clauses for the international transfer of personal data (“SCCs”) (see here).). While the final version retains much of the language of the draft version released in November 2020 (see here), it includes several notable updates. 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. IRISH DPC PUBLISHES DRAFT FUNDAMENTALS FOR A CHILD On December 18, 2020, the Irish Data Protection Commission (“DPC”) published its draft Fundamentals for a Child-Oriented Approach to Data Processing (the “Fundamentals”). The Fundamentals introduce child-specific data protection principles and measures, which are designed to protect children against data processing risks when they access services, both online and off-line. CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
SENATORS MARKEY AND CASSIDY INTRODUCE BILL TO UPDATE THE Recent Updates. German Supervisory Authorities Probe Data Transfers; European Commission Publishes New Standard Contractual Clauses; Supreme Court Adopts Narrow Reading of the CFAA in Van Buren v. NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification GDPR CONTRACTS AND LIABILITIES BETWEEN CONTROLLERS AND On 13 September, the Information Commissioner’s Office (ICO) published draft guidance on GDPR contracts and liabilities on contracts between controllers and processors under the GDPR (the “Guidance”). The ICO is consulting on the Guidance until 10 October.. We summarize the key aspects of the Guidance below. CROSS-BORDER DATA TRANSFER: A CHINA PERSPECTIVE Cross-Border Data Transfer: A China Perspective. When China’s new Cybersecurity Law takes effect on June 1, 2017, China will become another important jurisdiction to watch in the international data transfer space. Before the new Cybersecurity Law officially was promulgated on November 7, 2016, cross-border data transfer of datafrom China was
CHINESE AUTHORITIES RELEASE CATALOG OF NETWORK AND On June 9, 2017, the Cyberspace Administration of China (“CAC”), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch) (“the Catalog,” original Chinese version available here).). It specifies network products that must be certified before they can be marketed inChina.
INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially EUROPEAN COMMISSION PUBLISHES NEW STANDARD CONTRACTUAL Today, June 4 th, 2021, the European Commission (“Commission”) published the final version of its new standard contractual clauses for the international transfer of personal data (“SCCs”) (see here).). While the final version retains much of the language of the draft version released in November 2020 (see here), it includes several notable updates. 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. IRISH DPC PUBLISHES DRAFT FUNDAMENTALS FOR A CHILD On December 18, 2020, the Irish Data Protection Commission (“DPC”) published its draft Fundamentals for a Child-Oriented Approach to Data Processing (the “Fundamentals”). The Fundamentals introduce child-specific data protection principles and measures, which are designed to protect children against data processing risks when they access services, both online and off-line. CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
SENATORS MARKEY AND CASSIDY INTRODUCE BILL TO UPDATE THE Recent Updates. German Supervisory Authorities Probe Data Transfers; European Commission Publishes New Standard Contractual Clauses; Supreme Court Adopts Narrow Reading of the CFAA in Van Buren v. NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification GDPR CONTRACTS AND LIABILITIES BETWEEN CONTROLLERS AND On 13 September, the Information Commissioner’s Office (ICO) published draft guidance on GDPR contracts and liabilities on contracts between controllers and processors under the GDPR (the “Guidance”). The ICO is consulting on the Guidance until 10 October.. We summarize the key aspects of the Guidance below. CROSS-BORDER DATA TRANSFER: A CHINA PERSPECTIVE Cross-Border Data Transfer: A China Perspective. When China’s new Cybersecurity Law takes effect on June 1, 2017, China will become another important jurisdiction to watch in the international data transfer space. Before the new Cybersecurity Law officially was promulgated on November 7, 2016, cross-border data transfer of datafrom China was
CHINESE AUTHORITIES RELEASE CATALOG OF NETWORK AND On June 9, 2017, the Cyberspace Administration of China (“CAC”), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch) (“the Catalog,” original Chinese version available here).). It specifies network products that must be certified before they can be marketed inChina.
CHINA ENACTS DATA SECURITY LAW On June 10, 2021, the Standing Committee of China’s National People’s Congress (“NPC”) enacted the Data Security Law (“DSL”), which will take effect on September 1, 2021 (the official Chinese version is available here and Covington’s unofficial English translation is available here).This law creates a framework for the protection of broadly defined “data security” from a FRENCH CNIL PUBLISHES RECOMMENDATIONS FOR PROTECTING On June 9, 2021, the French Supervisory Authority (“CNIL”) published recommendations to help strengthen the protection of minors online (see here, in French). These recommendations are the result of a survey and public consultation conducted by the CNIL in 2020, which focused on the digital practices of minors (see our blog post here).). The results of the CNIL’s survey and public GERMAN SUPERVISORY AUTHORITIES PROBE DATA TRANSFERS On June 1, 2021, several German supervisory authorities (“SAs”) announced the launch of a “nationwide investigation” into German companies transferring personal data outside of COUNCIL OF THE EU RELEASED A (NEW) DRAFT OF THE EPRIVACY On January 5, 2021, the Council of the European Union released a new, draft version of the ePrivacy Regulation, which is meant to replacethe ePrivacy
COLORADO LEGISLATURE PASSES COMPREHENSIVE CONSUMER PRIVACY Colorado is poised to join the growing number of states enacting a comprehensive privacy law. On Monday, June 7, both houses of thelegislature passed
FCC IMPOSES NEW REQUIREMENTS ON NONMARKETING PRERECORDED On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for “CYBER SHIELD ACT” CALLING FOR IOT DEVICE CERTIFICATION Sen. Ed Markey (D-MA) and Rep. Ted Lieu (D-CA-33) reintroduced the Cyber Shield Act on March 24, 2021. The proposed legislation is not new to Congress; Sen. Markey and Rep. Lieu previously introduced the Cyber Shield Act in both 2017 and 2019.However, the bill never made it to a vote in either the House or the Senate. NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification CHINA PUBLISHES LISTS AND RULES RELATED TO IMPORT AND On December 2, 2020, China’s Ministry of Commerce (“MOFCOM”), State Cryptography Agency (“SCA”), and the General Administration of Customs (“Customs”) jointly issued three documents related to import and export of commercial encryption items: List of Commercial Encryption Subject to Import Licensing Requirement (“ImportList”);
CROSS-BORDER DATA TRANSFER: A CHINA PERSPECTIVE Cross-Border Data Transfer: A China Perspective. When China’s new Cybersecurity Law takes effect on June 1, 2017, China will become another important jurisdiction to watch in the international data transfer space. Before the new Cybersecurity Law officially was promulgated on November 7, 2016, cross-border data transfer of datafrom China was
INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially EUROPEAN COMMISSION PUBLISHES NEW STANDARD CONTRACTUAL Today, June 4 th, 2021, the European Commission (“Commission”) published the final version of its new standard contractual clauses for the international transfer of personal data (“SCCs”) (see here).). While the final version retains much of the language of the draft version released in November 2020 (see here), it includes several notable updates. 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. COUNCIL OF THE EU RELEASED A (NEW) DRAFT OF THE EPRIVACY Recent Updates. European Commission Publishes New Standard Contractual Clauses; Supreme Court Adopts Narrow Reading of the CFAA in Van Burenv. United States
CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
FCC IMPOSES NEW REQUIREMENTS ON On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for CHINA PUBLISHES LISTS AND RULES RELATED TO IMPORT AND On December 2, 2020, China’s Ministry of Commerce (“MOFCOM”), State Cryptography Agency (“SCA”), and the General Administration of Customs (“Customs”) jointly issued three documents related to import and export of commercial encryption items: List of Commercial Encryption Subject to Import Licensing Requirement (“ImportList”);
NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification CJEU RULES THAT FACEBOOK AND WEBSITE OPERATORS ARE JOINT On July 29, 2019, the Court of Justice of the European Union (“CJEU”) handed down its judgment in the Fashion ID case (Case C-40/17). The CJEU found that when a website operator embeds Facebook’s “Like” button on its website, Facebook and the website operator become joint controllers. CHINESE AUTHORITIES RELEASE CATALOG OF NETWORK AND On June 9, 2017, the Cyberspace Administration of China (“CAC”), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch) (“the Catalog,” original Chinese version available here).). It specifies network products that must be certified before they can be marketed inChina.
INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially EUROPEAN COMMISSION PUBLISHES NEW STANDARD CONTRACTUAL Today, June 4 th, 2021, the European Commission (“Commission”) published the final version of its new standard contractual clauses for the international transfer of personal data (“SCCs”) (see here).). While the final version retains much of the language of the draft version released in November 2020 (see here), it includes several notable updates. 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. COUNCIL OF THE EU RELEASED A (NEW) DRAFT OF THE EPRIVACY Recent Updates. European Commission Publishes New Standard Contractual Clauses; Supreme Court Adopts Narrow Reading of the CFAA in Van Burenv. United States
CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
FCC IMPOSES NEW REQUIREMENTS ON On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for CHINA PUBLISHES LISTS AND RULES RELATED TO IMPORT AND On December 2, 2020, China’s Ministry of Commerce (“MOFCOM”), State Cryptography Agency (“SCA”), and the General Administration of Customs (“Customs”) jointly issued three documents related to import and export of commercial encryption items: List of Commercial Encryption Subject to Import Licensing Requirement (“ImportList”);
NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification CJEU RULES THAT FACEBOOK AND WEBSITE OPERATORS ARE JOINT On July 29, 2019, the Court of Justice of the European Union (“CJEU”) handed down its judgment in the Fashion ID case (Case C-40/17). The CJEU found that when a website operator embeds Facebook’s “Like” button on its website, Facebook and the website operator become joint controllers. CHINESE AUTHORITIES RELEASE CATALOG OF NETWORK AND On June 9, 2017, the Cyberspace Administration of China (“CAC”), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch) (“the Catalog,” original Chinese version available here).). It specifies network products that must be certified before they can be marketed inChina.
FRENCH CNIL PUBLISHES RECOMMENDATIONS FOR PROTECTING On June 9, 2021, the French Supervisory Authority (“CNIL”) published recommendations to help strengthen the protection of minors online (see here, in French). These recommendations are the result of a survey and public consultation conducted by the CNIL in 2020, which focused on the digital practices of minors (see our blog post here).). The results of the CNIL’s survey and publicSOPHIE HEROLD
Repeatedly ranked as having one of the best privacy practices in the world, Covington combines exceptional substantive expertise with an unrivaled understanding of the IT industry, and of e-commerce and digital media business models in particular. COLORADO LEGISLATURE PASSES COMPREHENSIVE CONSUMER PRIVACY Colorado is poised to join the growing number of states enacting a comprehensive privacy law. On Monday, June 7, both houses of thelegislature passed
FCC IMPOSES NEW REQUIREMENTS ON On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for COMMISSION EXPERT GROUP REPORT ON LIABILITY FOR EMERGING On November 21, 2019, the European Commission’s Expert Group on Liability and New Technologies – New Technologies Formation (“NTF”) published its Report on Liability for Artificial Intelligence and other emerging technologies.. The Commission tasked the NTF with establishing the extent to which liability frameworks in the EU will continue to operate effectively in relation to GERMAN SUPERVISORY AUTHORITY PUBLISHES NEW STANDARD On April 9, 2020, the German Supervisory Authority of Baden-Wuerttemberg published standard contractual clauses for data processors pursuant to Article 28(8) GDPR. It is the first German Supervisory Authority to do so, and the second in EU after the Danish Supervisory Authority published its own standard clauses in July 2019. However, while the Danish clauses passed the GDPR consistency “CYBER SHIELD ACT” CALLING FOR IOT DEVICE CERTIFICATION Sen. Ed Markey (D-MA) and Rep. Ted Lieu (D-CA-33) reintroduced the Cyber Shield Act on March 24, 2021. The proposed legislation is not new to Congress; Sen. Markey and Rep. Lieu previously introduced the Cyber Shield Act in both 2017 and 2019.However, the bill never made it to a vote in either the House or the Senate. SENATORS MARKEY AND CASSIDY INTRODUCE BILL TO UPDATE THE Recent Updates. German Supervisory Authorities Probe Data Transfers; European Commission Publishes New Standard Contractual Clauses; Supreme Court Adopts Narrow Reading of the CFAA in Van Buren v. NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification IRISH DPC PUBLISHES DRAFT FUNDAMENTALS FOR A CHILD On December 18, 2020, the Irish Data Protection Commission (“DPC”) published its draft Fundamentals for a Child-Oriented Approach to Data Processing (the “Fundamentals”). The Fundamentals introduce child-specific data protection principles and measures, which are designed to protect children against data processing risks when they access services, both online and off-line.INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially EUROPEAN COMMISSION PUBLISHES NEW STANDARD CONTRACTUAL Today, June 4 th, 2021, the European Commission (“Commission”) published the final version of its new standard contractual clauses for the international transfer of personal data (“SCCs”) (see here).). While the final version retains much of the language of the draft version released in November 2020 (see here), it includes several notable updates. 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. COUNCIL OF THE EU RELEASED A (NEW) DRAFT OF THE EPRIVACY Recent Updates. European Commission Publishes New Standard Contractual Clauses; Supreme Court Adopts Narrow Reading of the CFAA in Van Burenv. United States
FCC IMPOSES NEW REQUIREMENTS ON On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
CHINA PUBLISHES LISTS AND RULES RELATED TO IMPORT AND On December 2, 2020, China’s Ministry of Commerce (“MOFCOM”), State Cryptography Agency (“SCA”), and the General Administration of Customs (“Customs”) jointly issued three documents related to import and export of commercial encryption items: List of Commercial Encryption Subject to Import Licensing Requirement (“ImportList”);
NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification CJEU RULES THAT FACEBOOK AND WEBSITE OPERATORS ARE JOINT On July 29, 2019, the Court of Justice of the European Union (“CJEU”) handed down its judgment in the Fashion ID case (Case C-40/17). The CJEU found that when a website operator embeds Facebook’s “Like” button on its website, Facebook and the website operator become joint controllers. CHINESE AUTHORITIES RELEASE CATALOG OF NETWORK AND On June 9, 2017, the Cyberspace Administration of China (“CAC”), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch) (“the Catalog,” original Chinese version available here).). It specifies network products that must be certified before they can be marketed inChina.
INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially EUROPEAN COMMISSION PUBLISHES NEW STANDARD CONTRACTUAL Today, June 4 th, 2021, the European Commission (“Commission”) published the final version of its new standard contractual clauses for the international transfer of personal data (“SCCs”) (see here).). While the final version retains much of the language of the draft version released in November 2020 (see here), it includes several notable updates. 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. COUNCIL OF THE EU RELEASED A (NEW) DRAFT OF THE EPRIVACY Recent Updates. European Commission Publishes New Standard Contractual Clauses; Supreme Court Adopts Narrow Reading of the CFAA in Van Burenv. United States
FCC IMPOSES NEW REQUIREMENTS ON On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
CHINA PUBLISHES LISTS AND RULES RELATED TO IMPORT AND On December 2, 2020, China’s Ministry of Commerce (“MOFCOM”), State Cryptography Agency (“SCA”), and the General Administration of Customs (“Customs”) jointly issued three documents related to import and export of commercial encryption items: List of Commercial Encryption Subject to Import Licensing Requirement (“ImportList”);
NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification CJEU RULES THAT FACEBOOK AND WEBSITE OPERATORS ARE JOINT On July 29, 2019, the Court of Justice of the European Union (“CJEU”) handed down its judgment in the Fashion ID case (Case C-40/17). The CJEU found that when a website operator embeds Facebook’s “Like” button on its website, Facebook and the website operator become joint controllers. CHINESE AUTHORITIES RELEASE CATALOG OF NETWORK AND On June 9, 2017, the Cyberspace Administration of China (“CAC”), together with three other agencies, released a Catalog of Critical Network Equipment and Network Security Products (First Batch) (“the Catalog,” original Chinese version available here).). It specifies network products that must be certified before they can be marketed inChina.
SOPHIE HEROLD
Repeatedly ranked as having one of the best privacy practices in the world, Covington combines exceptional substantive expertise with an unrivaled understanding of the IT industry, and of e-commerce and digital media business models in particular. FCC IMPOSES NEW REQUIREMENTS ON On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for GERMAN SUPERVISORY AUTHORITIES PROBE DATA TRANSFERS On June 1, 2021, several German supervisory authorities (“SAs”) announced the launch of a “nationwide investigation” into German companies transferring personal data outside of COLORADO LEGISLATURE PASSES COMPREHENSIVE CONSUMER PRIVACY Colorado is poised to join the growing number of states enacting a comprehensive privacy law. On Monday, June 7, both houses of thelegislature passed
COMMISSION EXPERT GROUP REPORT ON LIABILITY FOR EMERGING On November 21, 2019, the European Commission’s Expert Group on Liability and New Technologies – New Technologies Formation (“NTF”) published its Report on Liability for Artificial Intelligence and other emerging technologies.. The Commission tasked the NTF with establishing the extent to which liability frameworks in the EU will continue to operate effectively in relation to GERMAN SUPERVISORY AUTHORITY PUBLISHES NEW STANDARD On April 9, 2020, the German Supervisory Authority of Baden-Wuerttemberg published standard contractual clauses for data processors pursuant to Article 28(8) GDPR. It is the first German Supervisory Authority to do so, and the second in EU after the Danish Supervisory Authority published its own standard clauses in July 2019. However, while the Danish clauses passed the GDPR consistency IRISH DPC PUBLISHES DRAFT FUNDAMENTALS FOR A CHILD On December 18, 2020, the Irish Data Protection Commission (“DPC”) published its draft Fundamentals for a Child-Oriented Approach to Data Processing (the “Fundamentals”). The Fundamentals introduce child-specific data protection principles and measures, which are designed to protect children against data processing risks when they access services, both online and off-line. NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notification GERMAN SUPERVISORY AUTHORITIES PLAN TO CIRCULATE On February 3, 2021, the Conference of the Supervisory Authorities (“SAs”) of Germany (known as the Datenschutzkonferenz or “DSK”) published minutes from its meetings held in November 2020 (available here, in German). The minutes include discussions about how the German SAs plan to enforce the recent Schrems II ruling of the Court of Justice of the European Union (“CJEU”). EDPB PUBLISHES ARTICLE 28 STANDARD CLAUSES ADOPTED BY On December 11, 2019, the European Data Protection Board (“EDPB”) published the final text of the standard clauses adopted by the Danish Supervisory Authority (Datatilsynet, hereafter “Danish SA”) pursuant to Article 28(8) of the General Data Protection Regulation (“GDPR”). The Danish clauses are now accessible on the EDPB’s register of decisions taken by Supervisory Authorities.INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. RECENT CASES ON E-MAIL "SPOOFING" COVERAGE HIGHLIGHT THE By Benjamin Duke, Matt Schlesinger, and Scott Levitt . Two recent federal district court decisions involving computer “spoofing” scams highlight the uncertainty about whether such incidents may be covered under standard “computer fraud” provisions in widely used crime insurance forms. CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
MAKING THE BUSINESS CASE FOR PRIVACY AND DATA SECURITYPRIVACY POLICY FOR SMALL BUSINESSBUSINESS CASE FOR PRIVACYBUSINESS PRIVACY POLICYBUSINESS PRIVACY ACTBUSINESS PRIVACY LAWSBUSINESS PRIVACY LAW According to TRUSTe, 88% of U.S. adults report that they avoid doing business with companies that do not protect users’ privacy online. In a Forrester survey of 37,000 U.S. and Canadian online adults, 44% said that they had not completed an online transaction because of something they read in a privacy policy. A recent Edelman survey found GDPR CONTRACTS AND LIABILITIES BETWEEN CONTROLLERS ANDGDPR PDFGDPR VIOLATION CASESGDPR VIOLATION REPORTGDPR 4 % PENALTYGDPR PENALTY AMOUNTGDPR ADEQUACY COUNTRIES On 13 September, the Information Commissioner’s Office (ICO) published draft guidance on GDPR contracts and liabilities on contracts between controllers and processors under the GDPR (the “Guidance”). The ICO is consulting on the Guidance until 10 October.. We summarize the key aspects of the Guidance below. EU REGULATORS PROVIDE GUIDANCE ON NOTICE AND CONSENT UNDER EU Regulators Provide Guidance on Notice and Consent under GDPR. The Article 29 Working Party (WP29) has published long-awaited draft guidance on transparency and consent under the General Data Protection Regulation (“GDPR”) . We are continuing to analyze the lengthy guidance documents, but wanted to highlight some immediate reactionsand
CROSS-BORDER DATA TRANSFER: A CHINA PERSPECTIVE Cross-Border Data Transfer: A China Perspective. When China’s new Cybersecurity Law takes effect on June 1, 2017, China will become another important jurisdiction to watch in the international data transfer space. Before the new Cybersecurity Law officially was promulgated on November 7, 2016, cross-border data transfer of datafrom China was
MASSACHUSETTS AMENDS DATA BREACH NOTIFICATION LAW TOCREDIT BUREAU DATA BREACHCREDIT CARD DATA BREACHDATA BREACH CREDIT MONITORING SERVICES The Governor of Massachusetts recently signed House Bill No. 4806 into law, which will amend certain provisions of the state’s data breach notification law. In addition to changing the information that must be included in notifications to regulators and individuals, the amendments will also require entities to provide eighteen months of free credit monitoring services following breaches HITECH UPDATE #11: NEW RESTRICTIONS ON "SALE" OF PERSONALDEFINITION OFPHI
This post is part of our series on key aspects of the final HITECH omnibus rule published by the U.S. Department of Health and Human Services (HHS) in the Federal Register on January 25, 2013. Previous posts are available here.The regulations are effective March 26, 2013, but covered entities and business associates have until September 23, 2013, to comply with most new requirements.INSIDE PRIVACY
Yesterday the Supreme Court issued a decision in Van Buren v.United States, No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially 2021 STATE PRIVACY LEGISLATION ROUNDUP: CALIFORNIA Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. RECENT CASES ON E-MAIL "SPOOFING" COVERAGE HIGHLIGHT THE By Benjamin Duke, Matt Schlesinger, and Scott Levitt . Two recent federal district court decisions involving computer “spoofing” scams highlight the uncertainty about whether such incidents may be covered under standard “computer fraud” provisions in widely used crime insurance forms. CHINA ENACTS ENCRYPTION LAW China Enacts Encryption Law. On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in futureimplementing
MAKING THE BUSINESS CASE FOR PRIVACY AND DATA SECURITYPRIVACY POLICY FOR SMALL BUSINESSBUSINESS CASE FOR PRIVACYBUSINESS PRIVACY POLICYBUSINESS PRIVACY ACTBUSINESS PRIVACY LAWSBUSINESS PRIVACY LAW According to TRUSTe, 88% of U.S. adults report that they avoid doing business with companies that do not protect users’ privacy online. In a Forrester survey of 37,000 U.S. and Canadian online adults, 44% said that they had not completed an online transaction because of something they read in a privacy policy. A recent Edelman survey found GDPR CONTRACTS AND LIABILITIES BETWEEN CONTROLLERS ANDGDPR PDFGDPR VIOLATION CASESGDPR VIOLATION REPORTGDPR 4 % PENALTYGDPR PENALTY AMOUNTGDPR ADEQUACY COUNTRIES On 13 September, the Information Commissioner’s Office (ICO) published draft guidance on GDPR contracts and liabilities on contracts between controllers and processors under the GDPR (the “Guidance”). The ICO is consulting on the Guidance until 10 October.. We summarize the key aspects of the Guidance below. EU REGULATORS PROVIDE GUIDANCE ON NOTICE AND CONSENT UNDER EU Regulators Provide Guidance on Notice and Consent under GDPR. The Article 29 Working Party (WP29) has published long-awaited draft guidance on transparency and consent under the General Data Protection Regulation (“GDPR”) . We are continuing to analyze the lengthy guidance documents, but wanted to highlight some immediate reactionsand
CROSS-BORDER DATA TRANSFER: A CHINA PERSPECTIVE Cross-Border Data Transfer: A China Perspective. When China’s new Cybersecurity Law takes effect on June 1, 2017, China will become another important jurisdiction to watch in the international data transfer space. Before the new Cybersecurity Law officially was promulgated on November 7, 2016, cross-border data transfer of datafrom China was
MASSACHUSETTS AMENDS DATA BREACH NOTIFICATION LAW TOCREDIT BUREAU DATA BREACHCREDIT CARD DATA BREACHDATA BREACH CREDIT MONITORING SERVICES The Governor of Massachusetts recently signed House Bill No. 4806 into law, which will amend certain provisions of the state’s data breach notification law. In addition to changing the information that must be included in notifications to regulators and individuals, the amendments will also require entities to provide eighteen months of free credit monitoring services following breaches HITECH UPDATE #11: NEW RESTRICTIONS ON "SALE" OF PERSONALDEFINITION OFPHI
This post is part of our series on key aspects of the final HITECH omnibus rule published by the U.S. Department of Health and Human Services (HHS) in the Federal Register on January 25, 2013. Previous posts are available here.The regulations are effective March 26, 2013, but covered entities and business associates have until September 23, 2013, to comply with most new requirements. INSIDE PRIVACY AUDIOCAST: EPISODE 14 Repeatedly ranked as having one of the best privacy practices in the world, Covington combines exceptional substantive expertise with an unrivaled understanding of the IT industry, and of e-commerce and digital media business models in particular. EUROPEAN COMMISSION PUBLISHES 2-YEAR REPORT ON THE European Commission Publishes 2-Year Report on the Implementation of the GDPR. On June 24, 2020, the European Commission (“Commission”) published its much-anticipated assessment of the EU’s General Data Protection Regulation (“GDPR”) two years after it went into effect. The assessment takes into account contributions from theEuropean
SECTION 15(3) OF THE TELEMEDIA ACT On May 28, 2020, the German Federal Supreme Court handed down its decision in the Planet 49 case regarding the consent requirements forthe use of cookies.
GERMAN SUPERVISORY AUTHORITY PUBLISHES NEW STANDARD On April 9, 2020, the German Supervisory Authority of Baden-Wuerttemberg published standard contractual clauses for data processors pursuant to Article 28(8) GDPR. It is the first German Supervisory Authority to do so, and the second in EU after the Danish Supervisory Authority published its own standard clauses in July 2019. However, while the Danish clauses passed the GDPR consistency GERMAN AUTHORITIES ISSUE GUIDANCE RELATED TO CORONAVIRUS Over the past several days, Germany Supervisory Authorities and health authorities have issued statements and guidance about the handling of personal data in the context of the ongoing COVID-19 pandemic. In this blog, we consider some these statements in greater detail, as well as their implications for employers and employees. NEW YORK PASSES NEW DATA SECURITY AND BREACH NOTIFICATION On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law. The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending New York’s data breach notificationLUCA TOSONI
As we anticipated in a previous blog post, on April 22, 2020, the European Data Protection Board (“EDPB”) issued new guidelines on the use of location data and contact tracing apps in the context of the present COVID-19 pandemic. CROSS-BORDER DATA TRANSFER: A CHINA PERSPECTIVE Cross-Border Data Transfer: A China Perspective. When China’s new Cybersecurity Law takes effect on June 1, 2017, China will become another important jurisdiction to watch in the international data transfer space. Before the new Cybersecurity Law officially was promulgated on November 7, 2016, cross-border data transfer of datafrom China was
KGABO MASHALANE
Kgabo Mashalane is a South African qualified lawyer in the anti-corruption and compliance practice, with experience advising on market entry considerations, research on anti-corruption and bribery in Senegal, Mauritania, and Ghana. She has advised international clients on lobbying compliance laws in South Africa in interactions with members of government, parliament, and other authorities. CJEU RULES THAT FACEBOOK AND WEBSITE OPERATORS ARE JOINT On July 29, 2019, the Court of Justice of the European Union (“CJEU”) handed down its judgment in the Fashion ID case (Case C-40/17). The CJEU found that when a website operator embeds Facebook’s “Like” button on its website, Facebook and the website operator become joint controllers. OUR WEBSITE USES COOKIES We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the Website, and help us understand your interests and improve theWebsite.
Use necessary cookies only Allow all cookies Show detailsOK
Use necessary cookies only Allow selection Allow all cookiesNecessary
Preferences
Statistics
Marketing
Show details
Cookie declaration About cookies Necessary (2) Preferences (1) Statistics (6) Marketing (13) Unclassified (4) Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.NAME
PROVIDER
PURPOSE
EXPIRY
TYPE
CookieConsent
Cookiebot
Stores the user's cookie consent state for the current domain1 year
HTTP
CONSENT
YouTube
Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of thewebsite.
6064 days
HTTP
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.NAME
PROVIDER
PURPOSE
EXPIRY
TYPE
form/displays.htm
Aweber
Determines whether the user has made any subscriptions on the website, so that the website does not show subscription forms to the user, which already have been filled out.Session
Pixel
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting informationanonymously.
NAME
PROVIDER
PURPOSE
EXPIRY
TYPE
collect
Session
Pixel
_dc_gtm_UA-#
1 day
HTTP
_ga
2 years
HTTP
_ga_#
Google Tag Manager
Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and mostrecent visit.
2 years
HTTP
_gat
1 day
HTTP
_gid
1 day
HTTP
Marketing cookies are used to track visitors across websites. The intention is to display content that is relevant and engaging for theindividual user.
NAME
PROVIDER
PURPOSE
EXPIRY
TYPE
IDE
to the user.
1 year
HTTP
test_cookie
1 day
HTTP
VISITOR_INFO1_LIVE
YouTube
Tries to estimate the users' bandwidth on pages with integratedYouTube videos.
179 days
HTTP
YSC
YouTube
Registers a unique ID to keep statistics of what videos from YouTubethe user has seen.
Session
HTTP
yt.innertube::nextIdYouTube
Registers a unique ID to keep statistics of what videos from YouTubethe user has seen.
Persistent
HTML
yt.innertube::requestsYouTube
Registers a unique ID to keep statistics of what videos from YouTubethe user has seen.
Persistent
HTML
yt-remote-cast-installedYouTube
Stores the user's video player preferences using embedded YouTubevideo
Session
HTML
yt-remote-connected-devicesYouTube
Stores the user's video player preferences using embedded YouTubevideo
Persistent
HTML
yt-remote-device-id
YouTube
Stores the user's video player preferences using embedded YouTubevideo
Persistent
HTML
yt-remote-fast-check-periodYouTube
Stores the user's video player preferences using embedded YouTubevideo
Session
HTML
yt-remote-session-appYouTube
Stores the user's video player preferences using embedded YouTubevideo
Session
HTML
yt-remote-session-nameYouTube
Stores the user's video player preferences using embedded YouTubevideo
Session
HTML
yt-remote-cast-availableYouTube
Pending
Session
HTML
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.NAME
PROVIDER
PURPOSE
EXPIRY
TYPE
cov.vuture.net_VxSessionIdVuture
Pending
Session
HTTP
intEmailHistoryId
Vuture
Pending
1 year
HTTP
security/tracker.gifVuture
Pending
Session
Pixel
Covington.VutureId
www.insideprivacy.comPending
1 year
HTTP
Cookies are small text files that websites and other online services use to store information about users on the users’ own computers. Cookies may be used to store a unique identification number tied to your computer so that a website can recognize you as the same user across different visits to the website. You can configure your Internet browser to warn you each time a cookie is being sent or to refuse cookies completely. Cookie declaration last updated on 5/25/21 by Cookiebot Covington & Burling LLP
__ MENU
* Home
* Audiocast Library
* About Us
* Contact
*
INSIDE PRIVACY
UPDATES ON DEVELOPMENTS IN DATA PRIVACY AND CYBERSECURITY FROM COVINGTON & BURLING LLP EUROPEAN COMMISSION PUBLISHES NEW STANDARD CONTRACTUAL CLAUSESBy Dan Cooper ,
Kristof Van Quathem
, Anna Oberschelp
de Meneses
and
Nicholas Shepherd on June 4, 2021 Posted in Cross-Border Transfers,Data
Privacy, EU
Data Protection,
European
Union, GDPR
Today, June 4th, 2021, the European Commission (“COMMISSION”) published the final version of its new standard contractual clauses for the international transfer of personal data (“SCCS”) (see here).
While the final version retains much of the language of the draft version released in November 2020 (see here),
it includes several notable updates. When finalizing the SCCs, the Commission took into account the joint opinion of the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor, feedback submitted by stakeholders during the public consultation period, and the opinions of EU Member States’representatives.
In this blog post, we identify several key features of the new SCCs that organizations should keep in mind when preparing to implement them in contractual agreements going forward.Continue Reading
__ __ __ __ Tags: Cross-Border Transfers,European
Commission,
General Data Protection Regulation (GDPR), Schrems II, Standard Contractual Clauses (SCCs), Technical and Organizational Measures SUPREME COURT ADOPTS NARROW READING OF THE CFAA IN VAN BUREN V.UNITED STATES
By Trisha Anderson ,Alexander Berengaut
and Chloe
Goodwin on June 4,
2021 Posted in Cybersecurity,Cybersecurity,
Data Security,
Litigation
Yesterday the Supreme Court issued a decision in _Van Buren v. UnitedStates_ ,
No. 19-783, ruling that a police officer did not violate the Computer Fraud and Abuse Act (“CFAA”) when he obtained information from a law enforcement database that he was permitted to access, but did so for an improper purpose. In so ruling, the Court adopted a relatively narrow reading of the CFAA, and partially resolved a years-long debate concerning the scope of liability under the CFAA. The CFAA prohibits, _inter alia_, “intentionally access a computer without authorization or exceed authorized access, and thereby obtain information from any protected computer.” 18 U.S.C. § 1030(a)(2). What it means to “exceed authorized access” has been the subject of disagreement among lower courts: Some have concluded that this term refers to accessing areas of a computer that the user is not permitted to access under any circumstances—e.g., a student accessing her university’s database of grades that is restricted to only administrator use. Others have concluded that this term also encompasses individuals who _are_ permitted to access an area of a computer for certain purposes, but they do so for an improper purpose—e.g., an administrator accessing the university’s database of grades that she is generally permitted to use, but she does so for the improper purpose of blackmailing a student. Continue Reading __ __ __ __ Tags: CFAA, Computer Fraud and Abuse Act,Supreme Court
INSIDE PRIVACY AUDIOCAST: EPISODE 14 – CHINA’S DRAFT DATASECURITY LAW
By Dan Cooper and Yan Luo on June 1, 2021Posted in China,
Data
Security,
International
On Episode 14 of Covington’s Inside Privacy Audiocast, Dan Cooperand Yan Luo
discuss recent
privacy developments in China, in particular as they relate to China’s draft Data Security Law. _Covington’s Inside Privacy Audiocast offers insights into topical global privacy issues and trends. Subscribe to our Inside Privacy Blog to receive notifications on new episodes._ __ __ __ __ Tags: China,Data Security,
International
FINAL COUNTDOWN TO POPIA COMPLIANCE: FIVE CRITICAL STEPS TO TAKE BEFORE JULY 1ST, 2021 By Benjamin Haley , Dan Cooper , Deon Govender, Ahmed Mokdad
, Shivani Naidoo
and Kgabo Mashalane
on June 1, 2021
Posted in Cross-Border Transfers,International,
Internet of Things (IoT),POPIA,
Privacy and Data
Security,
South Africa
In Episode 12 of our Inside Privacy Audiocast, together with special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa, we discussed the Information Regulator’s mandate and the implementation of data protection legislation in South Africa. Now, with less than a month to go before South Africa’s Protection of Personal Information Act, 2013 (“POPIA”) takes full effect on July 1, 2021, it is critical for organizations operating in South Africa to ensure that they are ready, if and when the Information Regulator comes knocking. It is only when organizations start their POPIA journey that they realize just how wide the POPIA net is cast, and that very few businesses fall outside of its reach. The road to POPIA compliance should be viewed as a marathon, and not a sprint. While implementing and maintaining an effective POPIA compliance program will take continued effort and resources well beyond the July 1, 2021 go-live date, here we outline five steps to which companies subject to POPIA should give their attention in the short term.Continue Reading
__ __ __ __ Tags: Cross-Border Transfers,Data
Protection,
POPIA, South Africa ITALIAN SUPERVISORY AUTHORITY FINES PHYSICIAN FOR SECONDARY USE OF PATIENT DATA WITHOUT SPECIFIC CONSENT By Kristof Van Quathemand Giulia Romana
Mele on May 27, 2021Posted in GDPR
On May 19, 2021, the Italian Supervisory Authority (“Garante”)fined
a physician €5,000 for publishing a patient’s medical records without obtaining that patient’s specific consent to do so. As background, the physician downloaded medical records about a patient she treated at a local hospital from the hospital’s online archive system, including images taken during surgery. The physician used these records for a presentation at a medical conference, and also included them as documentation supporting a scientific research paper she submitted for a competition hosted by a surgeons’ association. The physician’s paper was ultimately selected as the winner of that competition, resulting in the publication of her work on the association’s website.Continue Reading
__ __ __ __ Tags: Consent, General Data ProtectionRegulation (GDPR),
Health data, HealthPrivacy,
Scientific Research,Secondary Use
NEW PRIVACY BILL PROVIDES OPT-OUT RIGHTS AND NEW DATA SECURITYREQUIREMENTS
By Andrew Longhi ,
Jayne Ponder and
Libbie Canter on May 26, 2021 Posted in Congress, Federal Trade Commission To add to the growing list of federal privacy frameworks introduced this year, Senator Amy Klobuchar (D-MN) has re-introduced the bipartisan Social Media Privacy Protection and Consumer Rights Act of2021 (S. 1667
).
Senator Klobuchar introduced the bill originally in 2018and 2019
,
although it did not advance to committee in either instance. Senators Kennedy (R-LA), Burr (R-NC), and Manchin (D-WV) have co-sponsored the bill. Key provisions in this bill include: Continue Reading __ __ __ __ Tags: Federal Trade Commission,FTC,
GLBA,
HIPAA,
Legislation,
Senate
EUROPEAN COMMISSION PROPOSES NEW ARTIFICIAL INTELLIGENCE REGULATION By Lisa Peets , Marty Hansen and Vicky Ling on May 24, 2021 Posted in Artificial Intelligence (AI), Emerging Technologies,EU
Data Protection,
European
Union,
European Union
In April 2021, the European Commission released its proposed _Regulation Laying Down Harmonized Rules on ArtificialIntelligence_
(the
“Regulation”), which would establish rules on the development, placing on the market, and use of artificial intelligence systems (“AI systems”) across the EU. The proposal, comprising 85 articles and nine annexes, is part of a wider package of Commission initiatives aimed at positioning the EU as a world leader in trustworthy and ethical AI and technological innovation. The Commission’s objectives with the Regulation are twofold: to promote the development of AI technologies and harness their potential benefits, while also protecting individuals against potential threats to their health, safety, and fundamental rights posed by AI systems. To that end, the Commission proposal focuses primarily on AI systems identified as “high-risk,” but also prohibits three AI practices and imposes transparency obligations on providers of certain non-high-risk AI systems as well. Notably, it would impose significant administrative costs on high-risk AI systems of around 10 percent of the underlying value, based on compliance, oversight, and verification costs. This blog highlights several key aspects of the proposal.Continue Reading
__ __ __ __ Tags: Artificial Intelligence (AI),European
Commission,
European Union (EU)
MAJOR CYBER-ATTACK ON IRISH HEALTH SYSTEM CAUSES COMMERCIAL CONCERN By Marie Daly on May 20, 2021 Posted in Cybersecurity,Data Privacy,
Data Security,
EU Data Protection,
Health
Privacy, life
science
On May 20, 2021, there was a major ransomware attack on the Irish health system. The centralized HSE (Health Service Executive), which provides and manages healthcare for the Irish population, was targeted on May 14 and has seen significant disruption since. It has described the attack as a ‘zero-day threat with a brand new variant of the Conti ransomware.’Continue Reading
__ __ __ __ Tags: Cyber Attack,Health System,
Ireland
PRESIDENT BIDEN SIGNS EXECUTIVE ORDER AIMED AT IMPROVING GOVERNMENTCYBERSECURITY
By Susan B. Cassidy ,Trisha Anderson ,
Micaela McMurrough
, Robert Huffman
and Tyler Holbrook
on May 18, 2021
Posted in Cybersecurity,Internet of
Things (IoT)
On May 12, the Biden Administration issued an “Executive Order on Improving the Nation’s Cybersecurity.”
The Order seeks to strengthen the federal government’s ability to respond to and prevent cybersecurity threats, including by modernizing federal networks, enhancing the federal government’s software supply chain security, implementing enhanced cybersecurity practices and procedures in the federal government, and creating government-wide plans for incident response. The Order covers a wide array of issues and processes, setting numerous deadlines for recommendations and actions by federal agencies, and focusing on enhancing the protection of federal networks in partnership with the service providers on which federal agencies rely. Private sector entities, including federal contractors and service providers, will have opportunities to provide input to some of these actions. Continue Reading __ __ __ __ Tags: "Government Contracts",Cybersecurity, IoT
SENATORS MARKEY AND CASSIDY INTRODUCE BILL TO UPDATE THE CHILDREN’S ONLINE PRIVACY PROTECTION ACTBy Lindsey Tonsager
, Sarah Guerrero
and Danielle Kehl
on May 14, 2021 Posted in Children's Privacy,Data
Privacy,
Federal Trade Commission, Privacy and Data Security, U.S. Federal and State Legislative Initiatives,United States
This week, Senators Ed Markey (D-Mass.) and Bill Cassidy (R-La.)introduced
the Children and Teens’ Online Privacy Protection Act,
which would update the Children’s Online Privacy Protection Act (COPPA). COPPA is the comprehensive federal children’s privacy law enacted in 1998 that regulates the collection, use, and disclosure of personal information online from children under 13. Continue Reading __ __ __ __ Tags: COPPA,FTC Older Posts __
STAY CONNECTED
* __
* __
* __ Subscribe By EmailTOPICS
Topics Select Category Advertising & Marketing Airlines Artificial Intelligence (AI) Autonomous Vehicles Big Data Brexit California Consumer Privacy Act (CCPA) California Privacy Rights Act Canada Centre for Data Ethics and Innovation Children’s Privacy China Cloud Computing Committee on Standards in Public Life Congress Consumer Protection COVID-19 Creditors Cross-Border Transfers Cybersecurity Cybersecurity Data Data Breaches Data Privacy Data Protection Officer Data Security Department of Commerce Department of Health and Human Services Department of Justice Doxing Electronic Surveillance and Law Enforcement Access Emerging Technologies ePrivacy Regulation Ethics EU Data Protection European Union European Union Federal Communications Commission Federal Trade Commission Financial Institutions Financial Privacy Fintech GDPR Health Privacy India International Internet of Things (IoT) Korea Life science life science Litigation Marketing Mobile Mobile Online NHS Online Online Targeting POPIA Privacy and Data Security Privacy Policies Privacy Weekend Public Sector Red Flags Report Smart Meters Social Media Sourcing South Africa Standards State Legislatures Student Privacy Surveillance TCPA Technology Transactions Travel U.S. Election 2020 U.S. Federal and State Legislative Initiatives UK Government Uncategorized United Kingdom United Kingdom United States White HouseARCHIVES
Archives Select Month June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 October 2010RECENT UPDATES
* European Commission Publishes New Standard Contractual Clauses * Supreme Court Adopts Narrow Reading of the CFAA in Van Buren v.United States
* Inside Privacy Audiocast: Episode 14 – China’s Draft DataSecurity Law
* Final Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021 * Italian Supervisory Authority Fines Physician for Secondary Use of Patient Data Without Specific Consent Covington & Burling LLPINSIDE PRIVACY
* __
* __
Attorney Advertising* Privacy Policy
* Disclaimer
ABOUT THE COVINGTON DATA PRIVACY AND CYBERSECURITY GROUP Repeatedly ranked as having one of the best privacy practices in the world, Covington combines exceptional substantive expertise with an unrivaled understanding of the IT industry, and of e-commerce and digital media business models in particular. Read More __ Copyright © 2021, Covington & Burling LLP. All Rights Reserved. Strategy, design, marketing & support by LexBlogDetails
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0