On February 16, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP held a virtual roundtable to discuss the role of age assurance and age verification tools as part of its Children’s Data Privacy Project.
Continue Reading CIPL Publishes Key Takeaways from Age Assurance and Age Verification Tools Roundtable
Risk-Based Approach
International Data Transfers: Time to Rethink Binding Corporate Rules
This is an excerpt from CIPL President Bojana Bellamy’s recently published piece in the IAPP “Privacy Perspectives” blog. This piece discusses binding corporate rules as important transfer mechanism.
Continue Reading International Data Transfers: Time to Rethink Binding Corporate Rules
CIPL & Cisco Publish Joint Report on Business Benefits and ROI of Accountable Privacy Programs
On January 10, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP and Cisco’s Privacy Center of Excellence published a joint report on “Business Benefits of Investing in Data Privacy Management Programs.” …
Continue Reading CIPL & Cisco Publish Joint Report on Business Benefits and ROI of Accountable Privacy Programs
UK Cyber Laws Extended to Bring Outsourcers and Managed Service Providers into Scope to Strengthen UK’s Resilience Against Online Cyber Attacks
On November 30, 2022, the UK government confirmed that the Network and Information Systems Regulations 2018 will be strengthened to protect essential and digital services against cyber attacks.
Continue Reading UK Cyber Laws Extended to Bring Outsourcers and Managed Service Providers into Scope to Strengthen UK’s Resilience Against Online Cyber Attacks
CIPL Publishes White Paper on Protecting Children’s Data Privacy
On October 20, 2022, the Centre for Information Policy Leadership at Hunton Andrews Kurth published a white paper entitled Protecting Children’s Data Privacy, Policy Paper I, International Issues and Compliance Challenges.
Continue Reading CIPL Publishes White Paper on Protecting Children’s Data Privacy
CIPL Responds to UK DCMS Proposed Approach to Regulating AI
The Centre for Information Policy Leadership at Hunton Andrews Kurth recently submitted a response to the UK Department for Digital, Culture, Media & Sport on its Consultation on establishing a pro-innovation approach to regulating AI. …
Continue Reading CIPL Responds to UK DCMS Proposed Approach to Regulating AI
NYDFS Fines EyeMed $4.5 Million for Cybersecurity Violations
On October 18, 2022, the New York State Department of Financial Services announced that EyeMed Vision Care LLC agreed to a $4.5 million settlement for violations of the Cybersecurity Regulation that contributed to the exposure of hundreds of thousands of consumers’ health data in connection with a cybersecurity event in 2020.
Continue Reading NYDFS Fines EyeMed $4.5 Million for Cybersecurity Violations
CIPL Publishes Ten Recommendations for Regulating AI in Brazil
On October 4, 2022, the Centre for Information Policy Leadership at Hunton Andrews Kurth published a white paper outlining 10 key recommendations for regulating artificial intelligence in Brazil. …
Continue Reading CIPL Publishes Ten Recommendations for Regulating AI in Brazil
CIPL Publishes New White Paper on the Approach of British Columbia, Canada to Cross-Border Data Transfers by Public Sector Bodies
On June 10, 2022, CIPL published a white paper entitled “Local Law Assessments and Online Services – Refining the Approach to Beneficial and Privacy-Protective Cross-Border Data Flows A: Case Study from British Columbia.”…
Continue Reading CIPL Publishes New White Paper on the Approach of British Columbia, Canada to Cross-Border Data Transfers by Public Sector Bodies
UK ICO Consults on Regulatory Action Policy
On December 20, 2021, the UK Information Commissioner’s Office (“ICO”) launched a public consultation on its regulatory approach. The consultation involves three separate documents – the ICO’s Regulatory Action Policy (“RAP”), Statutory Guidance on the ICO’s Regulatory Action, and Statutory Guidance on the ICO’s PECR Powers. The RAP sets forth the ICO’s risk-based approach to regulatory action and explains the factors the ICO considers before taking regulatory action, how the ICO works with other regulators, and enforces the legislation for which it is responsible. Together, the three documents illustrate how the ICO aims to enforce information rights for data subjects in the UK.
…
Continue Reading UK ICO Consults on Regulatory Action Policy