On December 10, 2020, the California Attorney General (AG) released the Fourth Set of Proposed Modifications to the California Consumer Protection Act (CCPA) Regulations, styled as “Modifications to Proposed Modifications.” The Fourth Set comes shortly after the comment period for the Third Set of Proposed Modifications closed on Oct. 28. Per the AG’s Notice
One week into the final month of what has been a memorable 2020, maintaining an organization’s privacy hygiene is more pressing than ever – and includes new requirements.
From privacy policy updates mandated by the California Consumer Privacy Act (CCPA), to all businesses needing to stay current and non-deceptive in their public disclosures in relation
On Nov. 17, 2020, the Canadian government introduced the Digital Charter Implementation Act, 2020 (DCIA, or Bill C-11), a much-anticipated bill aimed at overhauling the country’s comprehensive private sector data privacy legal regime. As introduced by Minister of Innovation, Science and Economic Development Navdeep Bains, the DCIA would establish a new privacy law
On 12 November 2020 the Commission of the European Union (EU) published two draft implementing decisions – one containing a draft new set of standard contractual clauses for transfers of personal data from the EU to third countries (the Cross-Border SCCs), and one containing a draft of new standard contractual clauses for certain clauses in
* Please note, post publication the EDPB extended the deadline for public comments on the Supplementary Transfer Measures Recommendations to Dec 21, 2020.
On Nov. 11, the European Data Protection Board (EDPB) published Supplementary Transfer Measures Recommendations and Surveillance Recommendations.
Click here to read the full GT Alert, “EDPB Guidance on Supplementary Transfer
With 72% of the vote in, 56.1% of Californians have voted in favor of Proposition 24, making it likely that the California Privacy Rights Act of 2020 (CPRA) will pass. The CPRA – a ballot initiative – will usher in material amendments to the existing California Consumer Privacy Act (CCPA). Proponents have argued that the
No.
The regulations implementing the CCPA require that in-scope businesses must provide two or more designated methods of submitting requests to opt-out, including an interactive form accessible via a clear and conspicuous link titled “Do Not Sell My Personal Information,” on the business’s website or mobile application.[1]
In addition to the “DNSMPI” link noted
Yes.
Where a global privacy control (“GPC”) conflicts with a consumer’s existing business-specific privacy setting or their participation in a business’s financial incentive program, the business must respect the GPC, but may notify the consumer of the conflict and give the consumer the choice to confirm the business-specific privacy setting or participation in the financial
The U.S. Department of Homeland Security (DHS)’s Cybersecurity and Infrastructure Security Agency (CISA) has released updated chapters to its Cyber Essentials Toolkits (revised August 17, 2020). CISA, the U.S. risk advisor, is tasked with key responsibilities in relation to defending cyber threats against “.gov” networks while collaborating with federal government partners to build more secure
On August 14, 2020, the California Attorney General (AG) announced that the Office of Administrative Law (OAL) approved the California Consumer Privacy Act (CCPA) regulations, which will take effect immediately. The OAL’s approval concludes the expedited review process requested by the AG on June 1. For more information on the review process, see GT’s June