On March 7, 2022, the Colorado Attorney General’s Office issued to the public an invitation to submit initial input on the Colorado Privacy Act (“CPA”) and future rulemaking. The Attorney General’s Office is accepting informal comments on any area on which it has the authority to adopt rules and provides examples of input in the […]
Privacy
CPPA Expected Not to Meet CPRA Rulemaking Deadline
At a board meeting held by the California Privacy Protection Agency (CPPA) on February 17, 2022, Executive Director Ashkan Soltani announced that the CPPA does not expect to meet the July 1, 2022, statutory deadline for adopting final regulations under the California Privacy Rights Act. The CPPA plans to schedule meetings in March and April […]
Georgia Introduces Privacy Bill Stricter than CCPA – the Top 10 Issues
On January 26, 2022, the Georgia General Assembly introduced a bill titled the Georgia Computer Data Privacy Act (GCDPA). Despite its title, the GCDPA is not a “computer”-focused bill. It is instead is an omnibus privacy statute modeled after California’s Consumer Privacy Act (CCPA). The GCDPA was introduced by the Republican leadership in Georgia’s state […]
Belgian Data Protection Authority Fines Bank for DPO’s Conflicting Roles
In a decision of December 16, 2021, the Belgian Data Protection Authority (“DPA”) imposed a EUR 75,000 administrative fine on a bank located in Belgium for failure to comply with the requirement in Article 38.6 of the General Data Protection Regulation (“GDPR”) that the tasks and duties of the Data Protection Officer (“DPO”) must not […]
EDPB Issues Draft Guidelines on Data Subject Access Rights
On January 28, 2022, the European Data Protection Board (“EDPB”) published draft regulatory guidelines (“draft guidance”) on the right of data subjects to have access to their personal data under the EU General Data Protection Regulation (“GDPR”). In the draft guidance, the EDPB explains the aim and components of the right. This analysis is followed […]