On February 24, 2023, the Cyberspace Administration of China (“CAC”) released its final version of the Standard Contract Measures for Exporting Personal Information (“Standard Contract Measures”), accompanied by a template contract outlining the … [Read more] about China’s Standard Contractual Clauses for Cross-Border Transfers of Personal Information
HHS and FTC Expanding Technology, Privacy, and Cybersecurity Divisions
In recent weeks, FTC and HHS have announced expansion of the operational areas of their organizations that are dedicated to enforcement of laws and regulations related to technology, privacy, and cybersecurity. On February 17, 2023, the FTC … [Read more] about HHS and FTC Expanding Technology, Privacy, and Cybersecurity Divisions
The EU Supervisory Authorities’ Coordinated Enforcement Action in the EU: This Year It’s All About DPOs
On March 15, 2023, the European Data Protection Board (“EDPB”) – the body through which the EU Member States’ Supervisory Authorities cooperate – along with 26 EU Supervisory Authorities officially launched a “coordinated enforcement action”, … [Read more] about The EU Supervisory Authorities’ Coordinated Enforcement Action in the EU: This Year It’s All About DPOs
New NAIC Consumer Privacy Model Law Proposed for Insurers
The National Association of Insurance Commissioners (NAIC) Privacy Protections Working Group (the “Working Group”) released Insurance Consumer Privacy Protection Model Law #674 (“Model 674”) for comment on February 1, 2023. Model 674 is intended to … [Read more] about New NAIC Consumer Privacy Model Law Proposed for Insurers
California Privacy Protection Agency Issues Invitation for Preliminary Comments on Proposed Rulemaking on Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking
The California Privacy Protection Agency (CPPA) issued an Invitation for Preliminary Comments on Proposed Rulemaking (Invitation) Friday as it considers new rules regarding Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking. The … [Read more] about California Privacy Protection Agency Issues Invitation for Preliminary Comments on Proposed Rulemaking on Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking