On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This marks the first significant update to the NIST Cybersecurity Framework (“Framework”) since its initial release in 2014, which is intended to address current and future cybersecurity […]
California Privacy Protection Agency Issues Invitation for Preliminary Comments on Proposed Rulemaking on Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking
The California Privacy Protection Agency (CPPA) issued an Invitation for Preliminary Comments on Proposed Rulemaking (Invitation) Friday as it considers new rules regarding Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking. The proposed rulemaking is pursuant to California Civil Code § 1798.185(a)(15)-(16), which directs the CPPA to draft regulations on these topics. Although the Invitation enumerates […]
California Privacy Protection Agency Approves CCPA Regulations
The California Privacy Protection Agency (CPPA) voted unanimously Friday to approve the newest version of the draft California Consumer Privacy Act (CCPA) regulations. These regulations are substantively the same as those considered by the CPPA Board during its October 2022 meeting. This vote marks the conclusion of a chapter that began in May 2022, when […]
Alston & Bird Hosts Webinar on Privacy and Data in 2023: A Look Ahead
On January 31, 2023, at 12:30 – 1:30 pm ET, join Peter Swire, Wim Nauwelaerts, David Keating, Karen Sanzaro, and Dorian Simmons in an engaging discussion focusing on trends and anticipated developments in privacy and cyber law in 2023. We will discuss recent regulatory and industry developments in the U.S. and E.U., where things appear […]
California Privacy Protection Agency Issues Notice of Modifications to Proposed CPRA Regulations
On November 3, 2022, the California Privacy Protection Agency (“CPPA”) issued a notice of modifications to the Proposed Regulations implementing the California Privacy Rights Act (“CPRA”). These proposed modifications come in response to public comments on, and are meant to clarify, previously issued modifications. The modifications, which are largely based on the Modified Proposed Regulations […]