On August 31, 2020, the California Senate joined the Assembly in passing SB-980, as amended, a bill to establish the Genetic Information Privacy Act, which would require direct-to-consumer genetic testing companies to comply with certain privacy and data security provisions. The bill is pending California Governor Gavin Newsom’s signature.
Continue Reading California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

On August 30, 2020, the California legislature passed AB-1281. As background, the CCPA currently exempts from most of its requirements certain information collected in the HR context and certain information collected about B2B personnel. AB-1281 would extend each exemption until January 1, 2022.
Continue Reading California Legislature Votes to Extend CCPA’s HR and B2B Exemptions

On July 16, 2020, the Court of Justice of the European Union issued its landmark judgment in the Schrems II case, concluding that the Standard Contractual Clauses issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.
Continue Reading BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid

In a case that has garnered widespread interest, the Court of Justice of the European Union will deliver its judgement in the Schrems II case (case C-311/18) on July 16, 2020, determining the validity of the controller-to-processor Standard Contractual Clauses as a cross-border data transfer mechanism under the GDPR.
Continue Reading CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020