Notwithstanding a two-month-long pandemic shutdown, a wave of new legislation has flooded the halls of the California legislature, including four discreet privacy-related bills, each with different objectives and consequences. Upon the closing of the signature period, Gov. Newsom signed only two of the bills into law, vetoing the other two.

Read the full GT Alert,

On Friday, Oct. 9 at 9:00 a.m. PST, GT Shareholder Gretchen Ramos (SF) will present “Practical Solutions: Cross Border & Onward Transfers of EEA Data During Uncertain Times” during the PrivacyConnect San Francisco webinar. PrivacyConnect is a free, virtual series that provides an overview of the latest global regulatory updates, requirements, and trends. Through an

On August 27, 2020 the Dutch Data Protection Authority (Dutch DPA) announced that it approved the first ‘code of conduct’ in the Netherlands, the Data Pro Code. The Data Pro Code was drafted by NL Digital, the Dutch industry association for organizations in the ICT sector in the Netherlands.

What is a ‘Code of

On Aug. 30, 2020, the California legislature passed Assembly Bill 1281 (AB-1281), which would extend the exemptions for “employee” information and business-to-business (B2B) transactions from its original expiration date of Jan. 1, 2021, to Jan. 1, 2022, if approved by the governor.

Read the full GT Alert, “Extension to CCPA’s Employment and

The U.S. Department of Homeland Security (DHS)’s Cybersecurity and Infrastructure Security Agency (CISA) has released updated chapters to its Cyber Essentials Toolkits (revised August 17, 2020). CISA, the U.S. risk advisor, is tasked with key responsibilities in relation to defending cyber threats against “.gov” networks while collaborating with federal government partners to build more secure

The Court of Justice of the European Union (CJEU)’s historic decision in Schrems II, in which the EU-U.S. Privacy Shield was invalidated, requires businesses to rethink the mechanism they can rely on to transfer personal data from the EU to the United States and other countries. However, how the decision will be enforced remains

With the California Attorney General’s enforcement of the California Consumer Privacy Act (CCPA) beginning on July 1, 2020, businesses are eagerly awaiting the forthcoming final version of the CCPA Regulations to ensure that their compliance is in line with the law and its Regulations. Due to the upcoming CCPA enforcement deadline, and California’s shelter-in-place status,

The Coronavirus Aid, Relief, and Economic Security Act (CARES Act), enacted March 27, 2020, rewrote significant portions of 42 U.S.C. § 290dd-2, the federal statute governing the confidentiality of substance use disorder (SUD) records that is more commonly known by its implementing regulations at 42 C.F.R. Part 2 (Part 2). Among other changes, the CARES

Introduction

As many countries reach the second stage of the Coronavirus Disease 2019 (COVID-19) outbreak, privacy protections may be relaxed under certain circumstances. The European Data Protection Board (EDPB) issued a statement on the processing of personal data in this period of time, and several national data protection authorities have issued COVID-19 specific