Why Organizations Need to Start Implementing Data Minimization

When the European Union (EU) enacted the General Data Protection Regulation (GDPR) on May 2, 2018, the world was introduced to the concept of data minimization. According to Article 5 of the GDPR, data minimization means “personal data shall be…

Read More
IoT

Diving Into IoT Data? Here Are Some Privacy Considerations

Many insurers contemplate using data from internet-connected devices, including wearables, for a deep dive into wearers’ lifestyles and invaluable insights for automated underwriting. Before diving into the deep end, there are numerous privacy considerations. To ensure your IoT data does not plunge you into trouble: Adjust your data map. Begin by drawing out all the…
Read More
Privacy Legislation

2021 Year-in-Review – U.S. State Privacy Legislation

The COVID-19 pandemic has rapidly accelerated our reliance on digital services and platforms, which brings new challenges and expectations for data privacy. But, to date, there has been little movement towards all-encompassing federal privacy legislation. Therefore, the issue of consumer data privacy has been left to the states to decide.  During 2021, 23 states introduced…
Read More
Privacy

Senate Hearing on Promoting Competition and Privacy in the Tech Sector: Two Hearings in One?

On December 7, 2021, the Senate Finance Committee’s Subcommittee on Fiscal Responsibility and Economic Growth conducted a hearing on “promoting competition, growth, and privacy protection in the technology sector.” The hearing could have been conducted using a split-screen format, since one group of Senators and witnesses focused on anti-competitive behavior by the tech giants and…
Read More
ISP

FTC Report Reveals ISP Data Privacy Failures

The Federal Trade Commission (FTC) recently issued a report on the privacy practices of internet service providers (ISPs). The report is based on material provided by the United States’ six largest ISPs – AT&T, Verizon Wireless, Charter Communications Operating, Xfinity, T-Mobile, and Google Fiber. These ISPs comprise approximately 99 percent of the mobile internet market.…
Read More
Collective Redress

The EU’s Collective Redress Directive — An Analysis of the Interplay with EU General Data Protection (GDPR)

In this fourth alert in our series regarding the European Parliament’s formal endorsement of a new collective actions legislation titled the Directive of the European Parliament and of the Council on Representative Actions for the Protection of the Collective Interests of Consumers, we analyze the interplay between this new Directive and EU General Data Protection 2016/679, also known…
Read More
PDPL

Updates to Saudi Arabia’s Data Protection Law

Whilst European and North American businesses are well accustomed to dealing with complex data protection legislation, businesses in the MENA region have by and large not had to consider the same in their local markets. From a Saudi standpoint, the recently published Personal Data Protection Law (published on 24 September 2021 and effective as of…
Read More
CPRA

Initial Defenses Under the CCPA and CPRA: 8 Key Takeaways

Since the Jan. 1, 2020 kickoff for private enforcement under the California Consumer Privacy Act (CCPA), plaintiffs have filed scores of class actions invoking the CCPA. Such claims, when properly made, present substantial risk to companies including statutory damages up to $750 per consumer. Early key takeaways can help companies limit risk under the CCPA…
Read More
Back To Top