Hunton Privacy Chair Lisa Sotto and MLaw Chief Global Digital Risk Correspondent Mike Swift led a webinar on Everything You Need to Know About the California Privacy Rights Act. This post includes a link to watch the full program.
Continue Reading Lisa Sotto Leads LexisNexis’ Emerging Issues Webinar on Everything You Need to Know About the CPRA

The Centre for Information Policy Leadership at Hunton Andrews Kurth has published its paper on delivering a risk-based approach to regulating artificial intelligence. Developed in partnership with key EU experts and leaders in AI, the paper translates best practices and emerging policy trends into actionable recommendations for effective AI regulation.
Continue Reading CIPL Publishes Recommendations on a Risk-Based Approach to Regulating AI

On March 12, 2021, the European Data Protection Board (“EDPB”) published its Guidelines 01/2021 on Virtual Voice Assistants for consultation (the “Guidelines”). Virtual voice assistants (“VVAs”) understand and execute voice commands or coordinate with other IT systems. These tools are available on most smartphones and other devices and collect significant amounts of personal data, such as through user commands. In addition, VVAs require a terminal device equipped with a microphone and transfer data to remote service. These activities raise compliance issues under both the General Data Protection Regulation (“GDPR”) and the e-Privacy Directive.
Continue Reading EDPB Releases Guidelines on Virtual Voice Assistants

On March 1, 2021, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted a response to the new Brazilian data protection authority’s call for preliminary inputs on the impact of the Brazilian data protection law on small and medium-sized enterprises.
Continue Reading CIPL Submits Response to New Brazilian Data Protection Authority’s First Public Consultation on SMEs

On February 10, 2021, the European Data Protection Supervisor published two opinions on the European Commission’s proposals for a Digital Services Act and a Digital Markets Act. The two proposals are part of a set of measures announced in the 2020 European Strategy for Data and have two main goals: (1) creating a safer digital space in which the fundamental rights of all users of digital services are protected, and (2) establishing a level playing field to foster innovation, growth and competitiveness in the European Single Market and globally.
Continue Reading EDPS Publishes Opinion on Digital Services Act and Digital Markets Act

On January 28, 2021, international Data Privacy Day, the newly formed Brazilian data protection authority published its regulatory strategy for 2021-2023 and work plan for 2021-2022 (in Portuguese). This post includes an overview of both strategies, as well as details about the newly formed authority.
Continue Reading Brazilian Data Protection Authority Publishes Regulatory Strategy for 2021 – 2023

On January 19, 2021, the UK Information Commissioner’s Office published its analysis of the application of the UK General Data Protection Regulation to transfers from UK-based firms or branches that are registered, required to be registered or otherwise regulated by the U.S. Securities and Exchange Commission.
Continue Reading ICO Confirms UK Firms May Rely on Public Interest Derogation for SEC Transfers

On January 26, 2021, BBB National Programs announced that it has been endorsed as an Accountability Agent for the APEC Cross-Border Privacy Rules and Privacy Recognition for Processors systems. This makes BBB National Programs the seventh CBPR and PRP Accountability Agent worldwide and the first ever U.S. non-profit to be approved by APEC.
Continue Reading APEC Endorses the First U.S. Non-Profit Accountability Agent

The increasing development and use of AI technology is raising several compliance questions, particularly in the context of the EU General Data Protection Regulation (“GDPR”). The European Commission has already begun working on future AI legislation. Join us on October 14, 2020, for a webinar on Artificial Intelligence: Key Considerations for GDPR Compliance Today and Tomorrow.

Continue Reading Webinar on Artificial Intelligence: Key Considerations for GDPR Compliance Today and Tomorrow