On February 7, 2020, the California Office of the Attorney General released Modified Regulations to the California Consumer Privacy Act (“CCPA”). The Modified Regulations update the Initial Proposed Regulations, which were previously published on October 11, 2019. The deadline to submit written comments is February 24, 2020 at 5:00 pm PST. We will follow up […]
Advisories
SHIELD Act Overhauls New York’s Data Breach Notification Framework
On October 23, 2019, New York’s new breach notification provisions came into effect, a result of New York’s passage of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) in July. That Act overhauled New York’s data privacy framework, expanding the list of data elements that are considered “private information” while growing the […]
GDPR Fragmentation May Appear More Significant than Intended
With the entry into application of the GDPR on May 25, 2018, the EU Member States were expected to have adopted national legislation implementing the regulation. To date, however, only 30% of Member States have effectively passed legislation, which still leaves the legal landscape to be precarious. The GDPR allows for deviations and specifications in […]
Alston & Bird Issues Data Protection Paper on Accurate Retrieval of Personal Data under the GDPR
Today Alston & Bird’s Peter Swire and DeBrae Kennedy-Mayo, with support from Senzing, Inc., are publishing a White Paper titled The Importance of Accurate Retrieval of Data Subjects’ Personal Data in Complying with GDPR Individual Rights Requirements. The General Data Protection Regulation, which enters into effect on May 25, 2018, goes considerably beyond existing law in […]
SEC Announces Its First Enforcement Action Over Cyber-related Disclosures
The Securities and Exchange Commission’s $35 million settlement with Altaba Inc., the successor in interest to Yahoo! Inc., is the first civil penalty of its kind for a data breach and underscores the agency’s increasing focus on public companies’ cybersecurity disclosure obligations. A cross-practice team from our Securities Litigation and Cybersecurity Preparedness & Response groups […]