Alston & Bird Privacy, Cyber & Data Strategy Blog

David Keating

Avatar photo

About David Keating

David Keating focuses his practice on matters involving technology and data and co-leads the Privacy, Cyber & Data Strategy Team. He has advised clients on privacy and security issues arising along the entire data lifecycle for more than 20 years. He assists clients with compliance strategies, policy development and implementation, data monetization and data use analyses, new product development, privacy and security issues in transactions, and privacy enforcement matters.

[Read Bio]

CPPA Board Advances CCPA Regulations to Formal Rulemaking; Adopts New Data Broker Regulations

By , and

On November 8, 2024, the California Privacy Protection Agency (the “CPPA”) Board advanced to formal rulemaking the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automated decisionmaking technology (ADMT) and insurance. The CPPA Board also adopted the California Delete Act proposed regulations, which clarify data broker registration requirements and provide definitions […]

More Guidance from HHS on Online Tracking Technologies but Questions Remain

By , and

Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated Guidance”). The Updated Guidance amends and supersedes HHS’s original guidance on the use of digital tracking technologies published on December 1, 2022 (the “Prior Guidance”).  […]

White House Executive Order to Regulate Transactions Involving Sensitive Personal Data of Americans

By , , and

Today, the White House announced that President Biden will sign an executive order designed to protect sensitive data of U.S. persons from exploitation by identified countries of concern.  This executive order is expected to be published later today, and to direct the Department of Justice (DOJ) to issue regulations designed to address transactions that involve […]

CBDF Research Fellow Theodore Christakis Publishes Study on Cross-Border Data Transfers and the EU’s “Zero Risk” Approach

By , and

Theodore Christakis, Professor of International Law at the University Grenoble Alpes and Senior Fellow and Director of Research for Europe at the Cross-Border Data Forum, has published a new comprehensive analysis on cross-border transfers of personal data and the EU’s data protection authorities’ “Zero Risk” theory developed since the CJEU Schrems II Judgment. Prof. Christakis looks […]

Declassified Intelligence Community Letters Highlight Importance of Monitoring Outbound Data Flows

By and

On January 25, 2024, Senator Ron Wyden (D-OR) released documents that confirm U.S. intelligence agencies are purchasing location and other sensitive personal information from data brokers without the consent of the data subjects. The FTC has recently gone after data brokers who collect and sell the sensitive location data of consumers without their express consent, […]