On September 20, 2016, the Department of Transportation, through the National Highway Traffic Safety Administration, released federal cyber guidance for autonomous cars entitled Federal Automated Vehicles Policy. … Continue Reading
Recently, the National Privacy Commission of the Philippines published the final text of its Implementing Rules and Regulations of Republic Act No. 10173, known as the Data Privacy Act of 2012. The IRR has a promulgation date of August 24, 2016, and went into effect 15 days after the publication in the official Gazette. … Continue Reading
The Office of Management and Budget recently issued updated information management policies for the U.S. federal government. The updated policies are intended "to reflect changes in law and advances in technology, as well as to ensure consistency with Executive Orders, Presidential Directives, and other OMB policy."… Continue Reading
The State Administration for Industry and Commerce of the People's Republic of China published a draft of its Implementing Regulations for the P.R.C. Law on the Protection of the Rights and Interests of Consumers for public comment. The draft is open for comment until September 5, 2016.… Continue Reading
On July 19, 2016, Advocate General Saugmandsgaard Oe published his Opinion on two cases that sought to establish whether a general obligation to retain data is compatible with the fundamental rights to privacy and data protection under EU law.… Continue Reading
On June 29, 2016, the Federal Trade Commission announced that, to account for inflation, it is increasing the civil penalty maximums for certain violations of the FTC Act effective August 1, 2016. … Continue Reading
On June 17, 2016, the National Privacy Commission of the Philippines released draft guidelines entitled, Implementing Rules and Regulations of the Data Privacy Act of 2012, for public consultation. This blog entry provides a summary of the draft guidelines.… Continue Reading
On June 23, 2016, the UK held a referendum to decide upon its continued membership in the European Union. The outcome has resulted in the decision for the UK to withdraw its membership from the European Union. Despite the result, data protection standards are unlikely to be affected.… Continue Reading
TCCWNA. The very acronym evokes head scratches and sighs of angst and frustration among many in the retail industry. The New Jersey Truth-in-Consumer Contract Warranty and Notice Act was passed in 1981 to protect consumers from allegedly deceptive practices in consumer contracts, warranties, notices and signs. Continue reading for an in-depth view of the TCCWNA and what retailers can do to minimize risk. … Continue Reading
On June 15, 2016, the U.S. Department of Homeland Security and U.S. Department of Justice jointly issued final guidance on the Cybersecurity Information Sharing Act of 2015.… Continue Reading
On June 2, 2016, the European Union and the U.S. signed an Umbrella Agreement, which, if approved, will implement a comprehensive data protection framework for criminal law enforcement cooperation. The European Council will adopt a decision on the Umbrella Agreement after obtaining consent from the European Parliament.… Continue Reading
On May 24, 2016, the European Data Protection Supervisor presented its Annual Report for 2015. The annual report provides an overview of the EDPS’ primary activities in 2015 and sets forth key priorities and challenges for 2016. … Continue Reading
On April 13, 2016, Nebraska Governor Pete Ricketts signed into law LB 835, which among other things, adds a regulator notification requirement and broadens the definition of “personal information” in the state’s data breach notification statute. The amendments take effect on July 20, 2016. … Continue Reading
On March 24, 2016, the Grand National Assembly of Turkey approved the Law on Personal Data Protection, which is Turkey’s first comprehensive data protection legislation.… Continue Reading
On March 24, 2016, Tennessee Governor Bill Haslam signed into law S.B. 2005, which makes a number of changes to the state’s data breach notification statute, Tenn. Code § 47-18-2107. The law takes effect on July 1, 2016.… Continue Reading
On February 24, 2016, President Obama signed the Judicial Redress Act into law. The Act grants non-U.S. citizens certain rights, including a private right of action for alleged privacy violations that occur in the U.S. … Continue Reading
On February 16, 2016, the Department of Homeland Security, in collaboration with other federal agencies, released a series of documents outlining procedures for both federal and non-federal entities to share and disseminate cybersecurity information. These documents were released as directed by the Cybersecurity Act of 2015, signed into law on December 18, 2015.… Continue Reading
On February 10, 2016, the U.S. House of Representatives passed the Judicial Redress Act, which had been approved by the Senate the night before and included a recent Senate amendment. The Judicial Redress Act grants non-U.S. citizens certain rights, including a private right of action for alleged privacy violations that occur in the U.S. … Continue Reading
On February 9, 2016, President Obama signed an Executive Order establishing a permanent Federal Privacy Council that will serve as the principal interagency support structure to improve the privacy practices of government agencies and entities working on their behalf.… Continue Reading
On January 28, 2016, the Senate Judiciary Committee passed the Judicial Redress Act, which would give EU citizens the right to sue over certain data privacy issues in the U.S.… Continue Reading
On January 13, 2016, the Russian Data Protection Authority (Roscommandzor) released its plan for audits this year to assess compliance with Russia’s data localization law, which became effective on September 1, 2015.… Continue Reading
The Senate Judiciary Committee has delayed a vote on the Judicial Redress Act, which would give EU citizens the right to sue over certain data privacy issues in the U.S.… Continue Reading
On December 17, 2015, the German Federal Diet (Bundestag) adopted a draft law introducing class action-like claims that enable consumer protection associations to sue companies for violations of German data protection law.… Continue Reading
On December 16, 2015, leaders in the U.S. House of Representatives and Senate released an omnibus spending bill that contained cybersecurity information sharing language that is based on a compromise between the Senate’s Cybersecurity Information Sharing Act and two cybersecurity information sharing bills that passed in the House earlier this year. … Continue Reading
