On October 28, 2021, the European Parliament’s Committee on Industry, Research and Energy adopted a draft directive on cybersecurity, which will broaden the scope of the existing NIS Directive to apply to “important sectors.”
Continue Reading European Parliament Adopts Draft Cybersecurity Directive
Legislation
China Issues Draft Measures on Security Assessment of Cross-border Data Transfer
On October 29, 2021, the Cyberspace Administration of China released for public comment Draft Measures on Security Assessment of Cross-border Data Transfer. The CAC issued the Draft Measures three days before the November 1, 2021 effective date of the Personal Information Protection Law.
Continue Reading China Issues Draft Measures on Security Assessment of Cross-border Data Transfer
California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others
During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020, California’s data breach notification law and California’s data security law. Additional bills, amending the California Confidentiality of Medical Information Act and the California Insurance Code, also were also signed into law. The Governor also signed into law a bill protecting the privacy and security of genetic data processed by direct-to-consumer genetic testing companies, and a bill designed to prevent the sale, purchase and use of data obtained by illegal means.
Continue Reading California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others
Florida’s Protecting DNA Privacy Act Goes into Effect
On October 1, 2021, Florida’s Protecting DNA Privacy Act took effect. The Act, signed into law by Governor Ron DeSantis on June 29, restricts the collection, use, retention, maintenance, analysis and disclosure of any DNA sample or analysis derived from a person in Florida.
Continue Reading Florida’s Protecting DNA Privacy Act Goes into Effect
Senate Commerce Committee Holds Hearings on Protecting Consumer and Children’s Privacy
On September 29 and 30, 2021, the U.S. Senate Committee on Commerce, Science and Transportation convened hearings on how to better protect consumer and children’s privacy. …
Continue Reading Senate Commerce Committee Holds Hearings on Protecting Consumer and Children’s Privacy
New York City to Require Food Delivery Services to Share Customer Data with Restaurants
A New York City Council bill amending the New York City Administrative Code to address customer data collected by food delivery services from online orders recently became law. Effective December 27, 2021, the law will permit restaurants to request customer data from third-party food delivery services and permit customers to opt out of the sharing. The law also imposes certain requirements and limitations regarding restaurants’ use and sharing of such data.
Continue Reading New York City to Require Food Delivery Services to Share Customer Data with Restaurants
U.S. House Committee Votes to Create New FTC Privacy Bureau and Appropriate $1 Billion to the Agency
On September 14, 2021, the U.S. House Committee on Energy and Commerce voted in favor of a legislative recommendation that would create a new FTC privacy bureau as part of the proposed $3.5 trillion federal budget reconciliation package. …
Continue Reading U.S. House Committee Votes to Create New FTC Privacy Bureau and Appropriate $1 Billion to the Agency
UAE Announces New Federal Data Law
This week, the United Arab Emirates Minister of State for Artificial Intelligence, Digital Economy and Remote Work Applications announced that the UAE would introduce a new federal data law, the first federal law of its kind in the UAE.
Continue Reading UAE Announces New Federal Data Law
UK DCMS Identifies Priority Jurisdictions for UK Adequacy Recognition and Proposes New UK Information Commissioner
On August 26, 2021, the UK Department of Culture, Media and Sport made news by publishing a document indicating its intent to begin making adequacy decisions for UK data transfers to foreign jurisdictions and by announcing its preferred candidate for the position of new UK Information Commissioner.
Continue Reading UK DCMS Identifies Priority Jurisdictions for UK Adequacy Recognition and Proposes New UK Information Commissioner
Colorado Privacy Act Signed Into Law
On July 8, 2021, Colorado Governor Jared Polis signed SB21-190, the Colorado Privacy Act, into law, making Colorado the third state to have a comprehensive data privacy law on the books, following California and Virginia. This blog entry provides a summary of the Act.
Continue Reading Colorado Privacy Act Signed Into Law